PT-2021-7536 · Boa · Boa

Attritionorg · Published 2021-05-25 · Updated 2025-06-11 · CVE-2021-33558

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Boa version 0.94.13

Description

The issue is related to configuration errors in files such as backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js of the Boa HTTP server. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. It is noted that this might be a site-specific issue because the mentioned files are not part of the standard Boa distribution.

Recommendations

For Boa version 0.94.13, consider removing or restricting access to the files backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js to prevent potential exploitation. Ensure proper configuration to avoid exposing sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
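
To act on the recommendation, the following added example (not part of the original advisory or of Boa) walks a local document root and reports which of the listed files are present and whether they are world-readable. The function name, the document root path, and the use of the world-readable bit as a rough indicator that the server process can serve the file are assumptions.

```python
import os
import stat
import sys

# File names listed in the advisory, relative to the web document root.
FLAGGED = ("backup.html", "preview.html", "js/log.js", "log.html",
           "email.html", "online-users.html", "config.js")


def audit_docroot(docroot):
    """Return sorted [(relative_path, world_readable)] for flagged files."""
    root = os.path.realpath(docroot)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            # Match the listed path at the root or nested under a subdirectory.
            if not any(rel == f or rel.endswith("/" + f) for f in FLAGGED):
                continue
            try:
                mode = os.stat(full).st_mode
            except OSError:
                continue  # broken symlink or unreadable entry: nothing to serve
            # Assumption: the "other" read bit approximates server readability.
            findings.append((rel, bool(mode & stat.S_IROTH)))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_docroot.py /path/to/docroot (path is site-specific)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, readable in audit_docroot(target):
        status = "world-readable" if readable else "restricted"
        print(f"{rel}: {status}")
```

Any file reported here should be removed from the document root or have its access restricted, as the recommendation states.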

Related Identifiers

BDU:2022-07372
CVE-2021-33558

Affected Products

Boa