Chiyu-tech

Bf-630 Firmware

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-31252

Exploit
  • EPSS 2.87%
  • Veröffentlicht 04.06.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:22

An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it.

6.1

CVE-2021-31641

Exploit
  • EPSS 1.16%
  • Veröffentlicht 01.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:03

An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated.

6.8

CVE-2021-31642

Exploit
  • EPSS 30.21%
  • Veröffentlicht 01.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:03

A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on...

5.4

CVE-2021-31643

Exploit
  • EPSS 3.81%
  • Veröffentlicht 01.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:04

An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter.