cbcvebase.
CVE-2001-1152
published 2001-09-05

CVE-2001-1152: Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to…

PriorityP423high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.44%
82.3th percentile
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.

Affected

1 ranges
VendorProductVersion rangeFixed in
baltimore_technologieswebsweeper
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.