GoAhead System.ini Leak

Severity: High | Nessus Plugin ID: 102174


The remote server is vulnerable to an information leak that could allow a remote attacker to learn the admin username and password.


The remote server uses a version of GoAhead that allows a remote unauthenticated attacker to download the system.ini file. This file contains credentials for the web interface, FTP interface, and others.


If possible, update the device's firmware and ensure that the HTTP server is not accessible from the internet.


Plugin Details

Severity: High

ID: 102174

File Name: goahead_password_leak.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 2017/08/03

Updated: 2019/11/12

Dependencies: 10107

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2017-8225

CVSS v2.0

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSS v3.0

Base Score: 9.8

Temporal Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

Required KB Items: www/goahead

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 2017/03/17

Reference Information

CVE: CVE-2017-8225