CVE-2021-31642
CVE-2021-31642
A denial of service condition exists after an integer overflow in several IoT devices from CHIYU Technology, including BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC. The vulnerability can be explored by sending an unexpected integer (> 32 bits) on the page parameter that will crash the web portal and making it unavailable until a reboot of the device.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/162934/CHIYU-IoT-Denial-Of-Service.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49937unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/162934/CHIYU-IoT-Denial-Of-Service.htmlhttps://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31642https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/https://www.chiyu-tech.com/msg/message-Firmware-update-87.html