cbcvebase.
CVE-2021-31251
published 2021-06-04

CVE-2021-31251: An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a…

PriorityP181critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
35.71%
98.3th percentile
An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated.

Detection & IOCsextracted from sources · hover to see the quote

command\n
  • Authentication bypass is triggered by sending a specially malformed/minimal request (a bare newline '\n') to the telnet server, causing the server to believe the user is already authenticated and granting a privileged shell (CMD> prompt).
  • Monitor telnet sessions to CHIYU IoT devices (BF-430, BF-431, BF-450M, SEMAC) where authentication phase is skipped and a CMD> prompt is immediately returned after a single newline byte is sent.
  • Affected devices include BF-430, BF-431, BF-450M, and SEMAC across ALL firmware versions — no version-specific patch boundary exists for detection scoping.
  • ·The exploit targets the standard Telnet port (TCP/23) on CHIYU devices. The bypass works against the telnet server specifically; no alternate port is specified in the source.
  • ·All firmware versions of the affected device families are vulnerable; there is no safe firmware version to allowlist.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.