Multiple Storage XSS Vulnerabilities in CHIYU Technology Inc's BF-430, BF-431, and BF-450M TCP/IP Converter Devices

Multiple Storage XSS Vulnerabilities in CHIYU Technology Inc's BF-430, BF-431, and BF-450M TCP/IP Converter Devices

CVE-2021-31250 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi.

Learn more about our Web Application Penetration Testing UK.