Vulnerabilities > BOA > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2021-33558 | Unspecified vulnerability in BOA 0.94.13 Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. | 7.5 |
| 2019-10-11 | CVE-2018-21028 | Missing Release of Resource after Effective Lifetime vulnerability in BOA Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function. | 7.5 |
| 2017-06-24 | CVE-2017-9833 | Path Traversal vulnerability in BOA 0.94.14.21 /cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. | 7.5 |
| 2016-11-30 | CVE-2016-9564 | Improper Input Validation vulnerability in BOA 0.92R Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters. | 7.5 |