GoAhead System.ini Leak

Medium Nessus Plugin ID 102174


The remote server is vulnerable to an information leak that could allow a remote attacker to learn the admin username and password


The remote server uses a version of GoAhead that allows a remote unauthenticated attacker to download the system.ini file. This file contains credentials to the web interface, ftp interface, and others.


If possible, update the device's firmware and ensure that the HTTP server is not accessible via the internet.

See Also



Plugin Details

Severity: Medium

ID: 102174

File Name: goahead_password_leak.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 2017/08/03

Updated: 2018/06/14

Dependencies: 10107

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSS v3.0

Base Score: 5.3

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

Required KB Items: www/goahead

Exploited by Nessus: true

Vulnerability Publication Date: 2017/03/17

Reference Information

CVE: CVE-2017-8225