Boa Webserver vulnerabilities
2 known vulnerabilities affecting boa/boa_webserver.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2007-4915P2CRITICALCVSS 10.0PoCv0.93.152007-09-17
CVE-2007-4915 [CRITICAL] CWE-20 CVE-2007-4915: The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other device
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.
nvd
CVE-2000-0920P4MEDIUMCVSS 5.0PoC≤ 0.94.8.22000-12-19
CVE-2000-0920 [MEDIUM] CVE-2000-0920: Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
nvd