CVE-2001-0537: CVE-2001-0537

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2001-0537

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Cisco IOS Web配置接口安全认证可被绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IOS是Cisco公司开发的路由器固件。IOS支持很多Cisoco设备(包括路由器和交换机)。在Cisco IOS 11.3开始的版本存在一个安全问题，如果它开放了Web管理接口，将允许任意远程攻击者获取该设备的完全的管理权限。攻击者只需要构造一个如下的URL: http://<device_addres>/level/xx/exec/.... 这里的xx是一个从16-99之间的整数。对于不同的设备，这个数值可能是不同的，但是攻击者仅需要测试84次即可找到正确的数值。这个问题可能导致远程用户获取完全

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2001-0537

#	POC Description	Source Link	Shenlong Link
1	HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2001/CVE-2001-0537.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2001-0537

Please Login to view more intelligence information

http://www.osvdb.org/578vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/2936vdb-entryx_refsource_BID
http://www.ciac.org/ciac/bulletins/l-106.shtmlthird-party-advisorygovernment-resourcex_refsource_CIAC
http://www.cert.org/advisories/CA-2001-14.htmlthird-party-advisoryx_refsource_CERT
http://www.securityfocus.com/archive/1/20010703011650.60515.qmail%40web14910.mail.yahoo.commailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/6749vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/Pine.LNX.3.96.1010702134611.22995B-100000%40Lib-Vai.lib.asu.edumailing-listx_refsource_BUGTRAQ
http://www.cisco.com/warp/public/707/IOS-httplevel-pub.htmlvendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.orgmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/4.3.2.7.2.20010629095801.0c3e6a70%40brussels.cisco.commailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2001-0537

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2001-0537

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2001-0537

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2001-0537

III. Intelligence Information for CVE-2001-0537

IV. Related Vulnerabilities

V. Comments for CVE-2001-0537

Leave a comment