BadBlue ISAPI Extension ext.dll LoadPage Parameter Arbitrary File Access

This script is Copyright (C) 2003-2016 Tenable Network Security, Inc.

Synopsis :

The web server is affected by an authentication bypass vulnerability.

Description :

The remote host is running BadBlue web server earlier then 2.3. Such
versions are reportedly affected by an authentication bypass
vulnerability. A flaw in the order that security checks are performed
could allow an attacker to gain administrative access to the

See also :

Solution :

Upgrade to BadBlue v 2.3 or newer as this reportedly fixes the issue.

Risk factor :

High / CVSS Base Score : 7.6

Family: Web Servers

Nessus Plugin ID: 11641 (badblue_remote_administrative_access2.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now