Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
boa boa vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both o...
Realtek Realtek Jungle Sdk
1 Article
10
CVSSv2
CVE-2014-8389
cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware LM.1.6.17...
Airlive Bu-3026 Firmware 1.43 21.08.2014
Airlive Md-3025 Firmware 1.81 21.08.2014
Airlive Wl-2000cam Firmware Lm.1.6.18 14.10.2011
Airlive Poe-200cam V2 Firmware Lm.1.6.17.01
Airlive Bu-2015 Firmware 1.03.18 16.06.2014
10
CVSSv2
CVE-2016-5640
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware prior to 1.4.0.13 allows remote malicious users to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.
Crestron Airmedia Am-100 Firmware
3 Github repositories
10
CVSSv2
CVE-2007-4915
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote malicious users to change the admin password stored in memory via a lon...
Boa Boa Webserver 0.93.15
2 EDB exploits
9
CVSSv2
CVE-2019-8985
On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can...
Netis-systems Wf2411 Firmware 2.1.36123
Netis-systems Wf2880 Firmware 2.1.36123
1 Github repository
9
CVSSv2
CVE-2018-20057
An issue exists in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter.
D-link Dir-619l Firmware 2.06b1
D-link Dir-605l Firmware 2.12b1
7.8
CVSSv2
CVE-2017-9833
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) b...
Boa Boa 0.94.14.21
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv2
CVE-2018-21027
Boa up to and including 0.94.14rc21 allows remote malicious users to trigger an out-of-memory (OOM) condition because malloc is mishandled.
Boa Boa
7.5
CVSSv2
CVE-2018-20056
An issue exists in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote malicious users to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter.
D-link Dir-619l Firmware 2.06b1
D-link Dir-605l Firmware 2.12b1
7.5
CVSSv2
CVE-2009-4492
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, ...
Ruby-lang Webrick 1.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »