CVE-2021-31251
published 2021-06-04CVE-2021-31251: An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a…
PriorityP181critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
35.71%
98.3th percentile
An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated.
Detection & IOCsextracted from sources · hover to see the quote
- →Authentication bypass is triggered by sending a specially malformed/minimal request (a bare newline '\n') to the telnet server, causing the server to believe the user is already authenticated and granting a privileged shell (CMD> prompt). ↗
- →Monitor telnet sessions to CHIYU IoT devices (BF-430, BF-431, BF-450M, SEMAC) where authentication phase is skipped and a CMD> prompt is immediately returned after a single newline byte is sent. ↗
- →Affected devices include BF-430, BF-431, BF-450M, and SEMAC across ALL firmware versions — no version-specific patch boundary exists for detection scoping. ↗
- ·The exploit targets the standard Telnet port (TCP/23) on CHIYU devices. The bypass works against the telnet server specifically; no alternate port is specified in the source. ↗
- ·All firmware versions of the affected device families are vulnerable; there is no safe firmware version to allowlist. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31251https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/#.YLqK1KhKguUhttps://www.chiyu-tech.com/msg/message-Firmware-update-87.htmlhttps://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31251https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/#.YLqK1KhKguUhttps://www.chiyu-tech.com/msg/message-Firmware-update-87.html
2021-06-04
Published