cbcvebase.
CVE-2001-0133
published 2001-03-12

CVE-2001-0133: The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the…

PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
2.19%
80.1th percentile
The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords.

Affected

2 ranges
VendorProductVersion rangeFixed in
trend_microinterscan_viruswall<= 3.6
trend_microinterscan_viruswall
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.