BOA » Boa Webserver : Security Vulnerabilities, CVEs, CVSS score >= 4

CVE-2007-4915

Public exploit
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.
Max CVSS
10.0
EPSS Score
71.39%
Published
2007-09-17
Updated
2018-10-15

CVE-2000-0920

Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
Max CVSS
5.0
EPSS Score
2.50%
Published
2000-12-19
Updated
2017-10-10
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close