cvedb.io
CVE-2021-31643
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2021-06-01T15:15:07.747 · Last modified 2026-06-17T03:52:06.720

Summary

An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter.

Affected products

chiyu-tech — bf-631_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when chiyu-tech ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.