CVE-2021-31642

A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...

EUVD-2021-18164

Malware in sbrugna...

CVE-2021-31252

The CVE-2021-31252 entry corresponds to an open redirect vulnerability in CHIYU Technology devices: BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC. According to the connected sources (NVD, CVE lists, CNNVD, PRION), the issue stems from an open redirect mechanism that can be...

Integer overflow

A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...

CHIYU Technology IoT devices 输入验证错误漏洞

The Chiyu CHIYU BF-430 is a networking server from Taiwan's Chiyu Technology Chiyu that provides communication for devices such as access control and time and attendance systems. A security vulnerability exists in CHIYU Technology IoT devices, which stems from a denial of service condition after ...

CHIYU IoT devices - (Multiple) Cross-Site Scripting Vulnerability

Exploit Title: CHIYU IoT devices - 'Multiple' Cross-Site Scripting XSS Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass,...

Multiple Chiyu Products Cross-Site Scripting Vulnerabilities

Chiyu BF-630, BF-630W and BF-660C are all products of Chiyu.BF-630 and BF-630W are networked fingerprint access controllers.BF-660C is a networked fingerprint access control and time and attendance machine. A cross-site scripting vulnerability exists in multiple Chiyu products. A remote attacker...

CVE-2015-2870

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...

Cross site scripting

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...

CVE-2015-2870

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...