{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T19:43:32Z","timestamp":1773085412273,"version":"3.50.1"},"reference-count":73,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100012166","name":"National Key Research and Development Program of China","doi-asserted-by":"publisher","award":["2023YFB3106800"],"award-info":[{"award-number":["2023YFB3106800"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62302508"],"award-info":[{"award-number":["62302508"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2025]]},"DOI":"10.1109\/tifs.2025.3620120","type":"journal-article","created":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T17:36:09Z","timestamp":1760117769000},"page":"1-1","source":"Crossref","is-referenced-by-count":1,"title":["CGIFuzz: Enabling Gray-Box Fuzzing for Web CGI of IoT Devices"],"prefix":"10.1109","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-0467-0720","authenticated-orcid":false,"given":"Cheng","family":"Shi","sequence":"first","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2888-4499","authenticated-orcid":false,"given":"Jiongchi","family":"Yu","sequence":"additional","affiliation":[{"name":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1455-4330","authenticated-orcid":false,"given":"Ziming","family":"Zhao","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0776-4073","authenticated-orcid":false,"given":"Jiongyi","family":"Chen","sequence":"additional","affiliation":[{"name":"National University of Defense Technology, Changsha, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6087-8243","authenticated-orcid":false,"given":"Fan","family":"Zhang","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]}],"member":"263","reference":[{"key":"ref1","first-page":"1","article-title":"The Internet of Things: An overview","volume-title":"Proc. ISOC","author":"Rose"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2005.18"},{"key":"ref3","volume-title":"Common Gateway Interface (CGI)","author":"Brinsley","year":"2002"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/CCST.1997.626249"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/4236.612229"},{"key":"ref6","volume-title":"Embedded Web Server-GoAhead","year":"2025"},{"issue":"173","key":"ref7","first-page":"2","article-title":"Nginx: The high-performance web server and reverse proxy","volume":"2008","author":"Reese","year":"2008","journal-title":"Linux J."},{"key":"ref8","volume-title":"Introduction To Common Gateway Interface and CGI Vulnerabilities","year":"2024"},{"key":"ref9","volume-title":"Common Gateway Interface Vulnerability","author":"Sulthan","year":"2014"},{"key":"ref10","volume-title":"Boofuzz","author":"Pereyda","year":"2025"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23159"},{"key":"ref12","first-page":"1099","article-title":"FIRM-AFL: High-Throughput greybox fuzzing of IoT firmware via augmented process emulation","volume-title":"Proc. USENIX Secur.","author":"Zheng"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598115"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179317"},{"key":"ref15","first-page":"1201","article-title":"HALucinator: Firmware re-hosting through abstraction layer emulation","volume-title":"Proc. USENIX Security","author":"Clements"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00127"},{"key":"ref17","volume-title":"Trapfuzzer\u2014Coverage-Guided Binary Fuzzing With Breakpoints","author":"Luo","year":"2024"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/6880677"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3025037"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/DSC53577.2021.00056"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23387"},{"key":"ref23","first-page":"167","article-title":"KAFL: Hardware-assisted feedback fuzzing for OS kernels","volume-title":"Proc. USENIX Secur.","author":"Schumilo"},{"key":"ref24","first-page":"2741","article-title":"SyzVegas: Beating kernel fuzzing odds with reinforcement learning","volume-title":"Proc. USENIX Security","author":"Wang"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330579"},{"key":"ref26","first-page":"4901","article-title":"TensorFuzz: Debugging neural networks with coverage-guided fuzzing","volume-title":"Proc. ICML","author":"Odena"},{"key":"ref27","volume-title":"American Fuzzy Lop","author":"Zalewski","year":"2024"},{"key":"ref28","volume-title":"LibFuzzer\u2014A Library for Coverage-Guided Fuzz Testing","author":"Serebryany","year":"2025"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00211"},{"key":"ref30","volume-title":"Peach Fuzzer","author":"Eddington","year":"2024"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2022.3182589"},{"key":"ref32","volume-title":"QEMU: A Generic and Open Source Machine Emulator and Virtualizer","author":"Bellard","year":"2024"},{"key":"ref33","volume-title":"Nccgroup\/TriforceAFL: AFL\/QEMU Fuzzing With Full-System Emulation","author":"Newsham","year":"2024"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590301"},{"key":"ref35","first-page":"789","article-title":"PARTEMU: Enabling dynamic analysis of real-world TrustZone software using emulation","volume-title":"Proc. USENIX Security","author":"Harrison"},{"key":"ref36","volume-title":"GDB Documentation","author":"Alves","year":"2024"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598067"},{"key":"ref38","article-title":"Prompt fuzzing for fuzz driver generation","author":"Lyu","year":"2023","journal-title":"arXiv:2312.17677"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/ICST60714.2024.00048"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3680389"},{"key":"ref41","volume-title":"RFC 2616-HTTP\/1.1","year":"2024"},{"key":"ref42","volume-title":"Configuration Files-Apache HTTP Server","year":"2024"},{"key":"ref43","volume-title":"CVE Mitre","year":"2024"},{"key":"ref44","volume-title":"CVEProject: CVE Cache of the Official CVE List","year":"2024"},{"key":"ref45","volume-title":"National Vulnerability Database","author":"-CERT","year":"2024"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2006.145"},{"key":"ref47","volume-title":"The Web Application Hacker\u2019s Handbook: Finding and Exploiting Security Flaws","author":"Stuttard","year":"2011"},{"key":"ref48","volume-title":"Command Injection","year":"2024"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359826"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1002\/ett.3935"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2910750"},{"key":"ref52","first-page":"95","article-title":"A large-scale analysis of the security of embedded firmwares","volume-title":"Proc. 23rd USENIX Secur. Symp.","author":"Costin"},{"key":"ref53","volume-title":"Ghidra","year":"2024"},{"key":"ref54","volume-title":"Playwright: A Framework for Web Testing and Automation","year":"2024"},{"key":"ref55","volume-title":"RFC 7303","author":"Miguel","year":"2008"},{"key":"ref56","volume-title":"Simple Object Access Protocol (SOAP) 1.1","author":"Box","year":"2024"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.3390\/s22030995"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/ICDM.2016.0103"},{"key":"ref59","volume-title":"Worldwide Service Provider Router Market Shares, 2024: Huawei Remains Market Leader; Nokia Gains Market Share","author":"Das","year":"2024"},{"key":"ref60","volume-title":"Home Wireless Router-Global Market Share and Ranking","year":"2024"},{"issue":"3","key":"ref61","first-page":"1","article-title":"A study on vulnerability analysis and memory forensics of ESP32","volume":"25","author":"Baek","year":"2024","journal-title":"J. Internet Comput. Services"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1145\/3581791.3596857"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427294"},{"key":"ref64","volume-title":"D-Link Dir-505 1.06-Multiple Vulnerabilities-Hardware Webapps Exploit","author":"Pinto","year":"2013"},{"key":"ref65","volume-title":"Netsecfish\/dlink","year":"2025"},{"key":"ref66","volume-title":"CVE-2024-32351","year":"2024"},{"key":"ref67","volume-title":"CWE-77: Improper Neutralization of Special Elements Used in a Command (\u2019Command Injection\u2019)","year":"2024"},{"key":"ref68","volume-title":"Java Software\u2014Oracle","year":"2024"},{"key":"ref69","volume-title":"Python Software","year":"2024"},{"key":"ref70","volume-title":"PHP: Hypertext Preprocessor","year":"2024"},{"key":"ref71","volume-title":"Jdb","year":"2024"},{"key":"ref72","volume-title":"Pdb\u2014The Python Debugger","year":"2024"},{"key":"ref73","volume-title":"Xdebug-Debugger and Profiler Tool for PHP","author":"Rethans","year":"2024"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10206\/4358835\/11199890.pdf?arnumber=11199890","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,25]],"date-time":"2025-10-25T04:43:19Z","timestamp":1761367399000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11199890\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":73,"URL":"https:\/\/doi.org\/10.1109\/tifs.2025.3620120","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]}}}