Skip to content
High Published: Nov 19, 2001 Modified: Apr 03, 2025

CVE-2001-0901

7.5 CVSS Score High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Export CVE-2001-0901 Data:
Share:
Link copied!

Description

Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by requesting the URL for the attachment.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a hypermail_development hypermail * * * * * * * *

Weaknesses (CWE)

  • CWE-434

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2001-0340 CVSS 0 Same weakness: CWE-434 CVE-2001-1099 CVSS 0 Same weakness: CWE-434 CVE-2002-1841 CVSS 0 Same weakness: CWE-434 CVE-2004-2262 CVSS 0 Same weakness: CWE-434 CVE-2005-0254 CVSS 3.7 Same weakness: CWE-434

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 18, 2016 02:13 CVE Modified
Oct 10, 2017 01:29 CVE Modified
Jan 26, 2024 20:01 Modified Analysis
May 14, 2024 01:19 CVE Modified
Nov 20, 2024 23:36 CVE Modified
← Back to CVE Tracker