CVE-2000-0380
published 2000-04-26


Priority P427 · high · 7.1 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 35.00% (98.2th percentile)
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.

Affected

39 ranges · showing 25
Vendor | Product | Version range | Fixed in
cisco | ios

Detection & IOCs (extracted from sources)

url: GET /%% HTTP/1.0
command: GET /%% HTTP/1.0
  • Detect HTTP GET requests containing '%%' in the URL path targeting Cisco IOS HTTP service on port 80
  • Alert on GET requests for '/%%' specifically, as this exact path triggers the DoS on Cisco IOS 11.1 through 12.1
  • Confirmed vulnerable hardware includes the Cisco 1600 Router running IOS v11.2(18)P; monitor for sudden unresponsiveness of the HTTP service on such devices following a GET /%% request
  • The vulnerability only applies when the IOS HTTP service is enabled on the router/switch; devices without the HTTP service running are not exposed
  • Affected IOS versions span 11.1 through 12.1; verify the device's IOS version before applying detection rules to avoid false positives on patched or out-of-range versions
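
The detection notes above, as an added example (not from the original page or its sources): a Python filter over HTTP request events from a network sensor that flags GET requests carrying a literal `%%` in the request-target, scoped to an inventory of IOS devices in the affected range with the HTTP service enabled. The event tuple layout, the host inventory and the sample lines are constructed assumptions.

```python
import re

# METHOD SP request-target SP HTTP-version, matched on the raw, undecoded line.
REQUEST_LINE = re.compile(r"^(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d$")

def classify(request_line):
    """Return 'exact' for GET /%%, 'contains' for any other GET whose
    request-target holds a literal '%%', otherwise None.
    Only GET is checked because that is the request the page describes."""
    m = REQUEST_LINE.match(request_line.strip())
    if m is None or m.group("method") != "GET":
        return None
    target = m.group("target")
    if target == "/%%":
        return "exact"
    return "contains" if "%%" in target else None

def scan(events, ios_http_hosts, port=80):
    """events: iterable of (src, dst, dst_port, request_line) tuples.
    ios_http_hosts: inventory of devices running IOS 11.1 through 12.1 with
    the HTTP service enabled; other destinations are skipped so that
    unaffected hosts do not generate alerts."""
    alerts = []
    for src, dst, dst_port, line in events:
        if dst not in ios_http_hosts or dst_port != port:
            continue
        verdict = classify(line)
        if verdict:
            alerts.append((src, dst, verdict))
    return alerts

# Constructed sample data (documentation address ranges, not real hosts).
IOS_HTTP_HOSTS = {"192.0.2.1", "192.0.2.2"}
SAMPLE_EVENTS = [
    ("198.51.100.7", "192.0.2.1", 80, "GET /%% HTTP/1.0"),
    ("198.51.100.7", "192.0.2.2", 80, "GET /a/%%/b HTTP/1.0"),
    ("198.51.100.9", "192.0.2.1", 80, "GET /index%20page.html HTTP/1.0"),
    ("198.51.100.9", "203.0.113.5", 80, "GET /%% HTTP/1.0"),  # not in inventory
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS, IOS_HTTP_HOSTS):
        print(alert)
```

Pair each alert with a reachability check of the destination's HTTP service, since the page's indicator of impact is the service becoming unresponsive after such a request.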