CVE-2000-0114

NUCLEI

Frontpage Server Extensions - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2000-0114. PoCs published by Cappricio-Securities, Josekutty-K, adhamelhansye. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a Python-based scanner for detecting CVE-2000-0114, a vulnerability in Microsoft IIS related to the '_vti_bin/shtml.dll' endpoint. The tool checks for the presence of this endpoint and reports if the target is vulnerable.

Description

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.

Exploits (3)

nomisec SCANNER 2 stars
by Cappricio-Securities · poc
https://github.com/Cappricio-Securities/CVE-2000-0114

This repository contains a Python-based scanner for detecting CVE-2000-0114, a vulnerability in Microsoft IIS related to the '_vti_bin/shtml.dll' endpoint. The tool checks for the presence of this endpoint and reports if the target is vulnerable.

Classification
Scanner 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft IIS (versions affected by CVE-2000-0114)
No auth needed
Prerequisites: Network access to the target web server
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec SCANNER
by Josekutty-K · poc
https://github.com/Josekutty-K/frontpage-server-extensions-vulnerability-scanner

This repository contains a Python script that automates the scanning for CVE-2000-0114 in Microsoft Frontpage Server Extensions by enumerating subdomains and using Nuclei for vulnerability detection. It does not include exploit code but relies on external tools (subfinder, nuclei) and a Nuclei template for detection.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Frontpage Server Extensions
No auth needed
Prerequisites: Python 3.x · subfinder · nuclei · Nuclei template for CVE-2000-0114
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec SUSPICIOUS
by adhamelhansye · poc
https://github.com/adhamelhansye/CVE-2000-0114

The repository lacks actual exploit code and instead instructs users to install a package via pip, which is a common tactic for distributing malicious software. No technical details about CVE-2000-0114 are provided.

Classification
Suspicious 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unspecified
No auth needed
Prerequisites: pip installation of a suspicious package
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Microsoft FrontPage Extensions - Information Disclosure
MEDIUMby r3naissance,matejsmycka
Shodan: cpe:"cpe:2.3:a:microsoft:internet_information_server"

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0114

Scores

EPSS 0.0546
EPSS Percentile 90.4%

Details

Status published
Products (2)
microsoft/internet_information_server 3.0
microsoft/internet_information_server 4.0
Published Feb 02, 2000
Tracked Since Feb 18, 2026