Filtered by vendor Boa Subscriptions
Filtered by product Boa Webserver Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-4915 1 Boa 1 Boa Webserver 2024-11-21 N/A
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.
CVE-2000-0920 1 Boa 1 Boa Webserver 2024-11-20 N/A
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."