Vulnerabilities > BOA > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-23 | CVE-2022-44117 | SQL Injection vulnerability in BOA 0.94.14.21 Boa 0.94.14rc21 is vulnerable to SQL Injection via username. | 9.8 |
2007-09-17 | CVE-2007-4915 | Improper Input Validation vulnerability in BOA Webserver 0.93.15 The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request. | 10.0 |