CVSS: 6.8EPSS: 2%CPEs: 22EXPL: 5CVE-2021-31642 – CHIYU IoT Devices - Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2021-31642
01 Jun 2021 — A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will crash the web portal and making it unavailable until a reboot of the device. Se presenta una condición de denegación de servicio tras un desbordamiento de enteros en varios dispositivos IoT de CHIYU Technology, incluyendo BIOSENSE, ... • https://packetstorm.news/files/id/162934 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.4EPSS: 13%CPEs: 22EXPL: 4CVE-2021-31643 – CHIYU IoT Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-31643
01 Jun 2021 — An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter. Se presenta una vulnerabilidad de tipo XSS en varios dispositivos IoT de CHIYU Technology, incluyendo SEMAC, Biosense, BF-630, BF-631 y Webpass, debido a una falta de sanitización en el component if.cgi - parámetro username CHIYU IoT devices suffer from multiple cross site scripting vulnerabilities. Versio... • https://packetstorm.news/files/id/162887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •