What is CVE-2001-0537?

CVE-2001-0537 is a vulnerability in N/a. Published 2002-03-09.

Is CVE-2001-0537 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2001-0537

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

EPSS: 0.938 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

CA-2001-14 (x_refsource_CERT, third-party-advisory)
20010629 Re: Cisco Security Advisory: IOS HTTP authorization vulnerability (mailing-list, x_refsource_BUGTRAQ)
20010627 IOS HTTP authorization vulnerability (x_refsource_CISCO, vendor-advisory)
20010702 ios-http-auth.sh (mailing-list, x_refsource_BUGTRAQ)
20010702 Cisco IOS HTTP Configuration Exploit (mailing-list, x_refsource_BUGTRAQ)
578 (x_refsource_OSVDB, vdb-entry)
20010702 Cisco device HTTP exploit... (mailing-list, x_refsource_BUGTRAQ)
L-106 (government-resource, third-party-advisory, x_refsource_CIAC)
2936 (vdb-entry, x_refsource_BID)
cisco-ios-admin-access(6749) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2001-0537?: CVE-2001-0537 is a vulnerability in N/a. Published 2002-03-09.
Is CVE-2001-0537 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.