Boa Server Configuration Vulnerability on DASAN H660RM Devices

Boa Server Configuration Vulnerability on DASAN H660RM Devices

CVE-2019-9976 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.

Learn more about our Web App Pen Testing.