← back
CVE-2021-33558observed exploitation

CVE-2021-33558

65Vexday Risk Score

Patch now. It exploitation observed by VulnCheck and has a working public exploit.

ssvc Actepss 10%
from disclosure to weapon0 days
Published on NVDMay 27
1st PoCMay 25
VulnCheck+628d
exploitation probability
10%top 5% of all CVEs
observed exploitation
yesVulnCheck
2 public exploit(s)
Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third parties report that this is a site-specific issue because those files are not part of Boa.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.