VYPR
Vendor

CHIYU Technology

Products
12
CVEs
7
Across products
28
Status
Private

Products

12

Recent CVEs

7
  • CVE-2021-31251CriJun 4, 2021
    risk 0.70cvss 9.8epss 0.36

    An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote…

  • CVE-2021-31642MedJun 1, 2021
    risk 0.49cvss 6.5epss 0.44

    A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will…

  • CVE-2021-31249MedJun 4, 2021
    risk 0.44cvss 6.5epss 0.18

    A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple CGI components.

  • CVE-2021-31252MedJun 4, 2021
    risk 0.42cvss 6.1epss 0.29

    An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it.

  • CVE-2021-31643MedJun 1, 2021
    risk 0.42cvss 5.4epss 0.88

    An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter.

  • CVE-2021-31250MedJun 4, 2021
    risk 0.41cvss 5.4epss 0.80

    Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi.

  • CVE-2021-31641MedJun 1, 2021
    risk 0.40cvss 6.1epss 0.05

    An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated.