10 matches found
CVE-2021-31642
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...
EUVD-2021-18164
Malware in sbrugna...
CVE-2021-31252
The CVE-2021-31252 entry corresponds to an open redirect vulnerability in CHIYU Technology devices: BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC. According to the connected sources (NVD, CVE lists, CNNVD, PRION), the issue stems from an open redirect mechanism that can be...
Integer overflow
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...
CHIYU IoT devices - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: CHIYU IoT devices - 'Multiple' Cross-Site Scripting XSS Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass,...
CHIYU Technology IoT devices 输入验证错误漏洞
The Chiyu CHIYU BF-430 is a networking server from Taiwan's Chiyu Technology Chiyu that provides communication for devices such as access control and time and attendance systems. A security vulnerability exists in CHIYU Technology IoT devices, which stems from a denial of service condition after ...
Multiple Chiyu Products Cross-Site Scripting Vulnerabilities
Chiyu BF-630, BF-630W and BF-660C are all products of Chiyu.BF-630 and BF-630W are networked fingerprint access controllers.BF-660C is a networked fingerprint access control and time and attendance machine. A cross-site scripting vulnerability exists in multiple Chiyu products. A remote attacker...
CVE-2015-2870
Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...
Cross site scripting
Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...
CVE-2015-2870
Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...