CVE-2007-4915

Boa Webserver - Improper Input Validation

Title source: rule

Description

The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request.

Exploits (3)

exploitdb WORKING POC VERIFIED
by ikki · python · remote · linux
https://www.exploit-db.com/exploits/4542
exploitdb WORKING POC VERIFIED
by Luca Carettoni · python · dos · linux
https://www.exploit-db.com/exploits/30584
metasploit WORKING POC
by Luca · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/intersil_pass_reset.rb

Scores

EPSS 0.8109
EPSS Percentile 99.2%

Details

CWE CWE-20
Status published
Products (1)
boa/boa_webserver 0.93.15
Published Sep 17, 2007
Tracked Since Feb 18, 2026