CVE-2021-31642

A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...

EUVD-2021-18164

Malware in sbrugna...

CVE-2020-6954

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a mediafolder.cgi?applymode=pingserver URI...

All Vulnerabilities for webpass.nas.nasa.gov Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2021-31252

The CVE-2021-31252 entry corresponds to an open redirect vulnerability in CHIYU Technology devices: BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC. According to the connected sources (NVD, CVE lists, CNNVD, PRION), the issue stems from an open redirect mechanism that can be...

CHIYU 多款设备输入验证错误漏洞

The Chiyu CHIYU BF-430, etc. are all networking servers that provide communication for access control, time and attendance systems, and other devices from Chiyu Technology Chiyu of Taiwan, China. The security vulnerability in CHIYU Technology's BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W,...

Integer overflow

A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer 32 bits on the page parameter that will crash the web portal...

CHIYU Technology IoT devices 输入验证错误漏洞

The Chiyu CHIYU BF-430 is a networking server from Taiwan's Chiyu Technology Chiyu that provides communication for devices such as access control and time and attendance systems. A security vulnerability exists in CHIYU Technology IoT devices, which stems from a denial of service condition after ...

CHIYU IoT devices - (Multiple) Cross-Site Scripting Vulnerability

Exploit Title: CHIYU IoT devices - 'Multiple' Cross-Site Scripting XSS Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass,...

CVE-2020-6954

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a mediafolder.cgi?applymode=pingserver URI...