CVE-2000-0191

Axis StorPoint CD - Unauthenticated Administrator URL Access via Dot-Dot Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0191. PoCs published by Infosec Swedish based tigerteam.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Axis StorPoint CD and Axis StorPoint CD/T devices. By manipulating the URL path, an attacker can bypass the login page and gain administrative access to the appliance.

Description

Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Infosec Swedish based tigerteam · textremotemultiple
https://www.exploit-db.com/exploits/19784

This exploit demonstrates an authentication bypass vulnerability in Axis StorPoint CD and Axis StorPoint CD/T devices. By manipulating the URL path, an attacker can bypass the login page and gain administrative access to the appliance.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Axis StorPoint CD and Axis StorPoint CD/T
No auth needed
Prerequisites: Network access to the target device
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/19
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1025

Scores

EPSS 0.1089
EPSS Percentile 95.3%

Details

Status published
Products (1)
axis/storpoint_cd
Published Feb 29, 2000
Tracked Since Feb 18, 2026