cbcvebase.
CVE-2002-1864
published 2002-12-31

CVE-2002-1864: Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an…

PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
17.77%
96.8th percentile
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.

Affected

4 ranges
VendorProductVersion rangeFixed in
swssws_simple_web_server
swssws_simple_web_server
swssws_simple_web_server
swssws_simple_web_server

Detection & IOCsextracted from sources · hover to see the quote

command/../../../../../../../../../../../boot.ini
  • Detect HTTP requests containing ".." (dot dot) sequences in the URI path targeting Simple Web Server (SWS) versions 0.0.4 through 0.1.0, indicative of directory traversal attempts.
  • A Metasploit auxiliary scanner module exists for this vulnerability targeting Simple Web Server 2.3-RC1; presence of this module's traffic patterns (directory traversal HTTP GET requests) should be monitored.
  • ·The NVD entry references versions 0.0.4 through 0.1.0, while the Metasploit module targets version 2.3-RC1, indicating the vulnerability may span a broader version range than originally documented.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.