Vulnerabilities (CVE)

Filtered by vendor Boa Subscribe
Filtered by product Boa Webserver
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4915 1 Boa 1 Boa Webserver 2024-11-21 10.0 HIGH N/A
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.
CVE-2000-0920 1 Boa 1 Boa Webserver 2024-11-20 5.0 MEDIUM N/A
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."