Chiyu-Tech: >> Bf-631 Firmware Security Vulnerabilities
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will crash the web portal and making it unavailable until a reboot of the device.
CVSS Score
6.5
EPSS Score
0.302
Published
2021-06-01
An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter.
CVSS Score
5.4
EPSS Score
0.035
Published
2021-06-01