Vulnerabilities > Chiyu Tech > Semac D2 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-04 | CVE-2021-31251 | Improper Authentication vulnerability in Chiyu-Tech products An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated. | 7.5 |
| 2021-06-04 | CVE-2021-31252 | Open Redirect vulnerability in Chiyu-Tech products An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it. | 5.8 |
| 2021-06-01 | CVE-2021-31641 | Cross-site Scripting vulnerability in Chiyu-Tech products An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated. | 4.3 |
| 2021-06-01 | CVE-2021-31642 | Integer Overflow or Wraparound vulnerability in Chiyu-Tech products A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. | 6.8 |
| 2021-06-01 | CVE-2021-31643 | Cross-site Scripting vulnerability in Chiyu-Tech products An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter. | 3.5 |