cbcvebase.
CVE-2007-3701
published 2007-07-11

CVE-2007-3701: TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send…

PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
8.48%
94.3th percentile
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack.

Affected

23 ranges
VendorProductVersion rangeFixed in
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
3comtippingpoint_ips_tos
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
tippingpointtipping_point
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.