Boa 0.94.13
tcp/443
webserver
tcp/5001
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07df231d2bcf231d2bc8117f206b4436c27ccc1d846
Found host file through Directory traversal:
127.0.0.1 localhost
# the following lines are desirable for ipv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1 gwg
Open service 149.210.92.251:443
2024-06-15 21:27
HTTP/1.0 401 Unauthorized
Date: Sun, 16 Jun 2024 00:27:41 GMT
Server: Boa/0.94.13
X-Frame-Options: SAMEORIGIN
WWW-Authenticate: Basic realm="BiPAC 4700ZUL"
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: SESSIONID=05f21277;HttpOnly

Page title: 401 Unauthorized

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY><H1>401 Unauthorized</H1>
Your client does not have permission to get URL /cgi-bin/index.asp from this server.
</BODY></HTML>
Open service 149.210.92.251:5001
2024-06-14 22:31
HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1637486856"
Last-Modified: Wed, 20 Dec 2023 15:59:26 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 4591
Connection: close
Date: Fri, 14 Jun 2024 22:32:20 GMT
Server: webserver