CVE-2000-0984
published 2000-12-19CVE-2000-0984: The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
PriorityP264medium5CVSS 2.0
AVNACLAuNCNINAP
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
3.92%
89.0th percentile
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
| cisco | ios | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for HTTP requests to Cisco IOS HTTP server where the URL path contains the literal string '?/' — this triggers an infinite loop leading to a watchdog-timer crash and reload. ↗
- ·The attack requires the enable password to be absent, known, or easily guessable — exploitation is gated by authentication to the IOS HTTP server. ↗
- ·The Cisco IOS HTTP server is only enabled by default on Cisco 1003, 1004, and 1005 routers; on all other affected platforms it must be explicitly enabled. ↗
- ·In certain cases the device will not automatically reload after the crash, requiring a manual restart to restore functionality. ↗
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vulncheck5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fgvg-x8xj-8xq8: The HTTP server in Cisco IOS 12
ghsa_unreviewed·2022-04-30
CVE-2000-0984 [MEDIUM] GHSA-fgvg-x8xj-8xq8: The HTTP server in Cisco IOS 12
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
VulnCheck
Cisco IOS HTTP Server '?/' String Vulnerability
vulncheck·2000·CVSS 5.0
CVE-2000-0984 [MEDIUM] Cisco IOS HTTP Server '?/' String Vulnerability
Cisco IOS HTTP Server '?/' String Vulnerability
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
Affected: Cisco IOS Software
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://security.pditechnologies.com/resources/q1-2025-cyber-threat-report/
No detection rules found.
No writeups or analysis indexed.
http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtmlhttp://www.securityfocus.com/bid/1838https://exchange.xforce.ibmcloud.com/vulnerabilities/5412http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtmlhttp://www.securityfocus.com/bid/1838https://exchange.xforce.ibmcloud.com/vulnerabilities/5412
2000-12-19
Published
Exploited in the wild