CVE-2000-0380

Cisco IOS 11.1-12.1 - Denial of Service via URL with %% String

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2000-0380. PoCs published by Keith Woodworth, aushack, including Metasploit module auxiliary/dos/cisco/ios_http_percentpercent.

AI-analyzed exploit summary This Perl script is a multi-exploit tool targeting various Cisco IOS vulnerabilities, including DoS and arbitrary command execution. It provides a menu-driven interface to select and launch exploits against specified targets.

Description

The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Keith Woodworth · perlremotehardware
https://www.exploit-db.com/exploits/19882

This Perl script is a multi-exploit tool targeting various Cisco IOS vulnerabilities, including DoS and arbitrary command execution. It provides a menu-driven interface to select and launch exploits against specified targets.

Classification
Working Poc 90%
Attack Type
Dos | Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Cisco IOS (various versions)
No auth needed
Prerequisites: Network access to the target device · Specific Cisco IOS versions with known vulnerabilities
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC
by aushack · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb

This Metasploit module exploits a Denial of Service (DoS) vulnerability in Cisco IOS HTTP servers by sending a malformed GET request containing '/%%'. The vulnerability affects Cisco IOS versions 11.1 through 12.1, causing the device to crash or become unresponsive.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Cisco IOS HTTP Server (versions 11.1 to 12.1)
No auth needed
Prerequisites: Network access to the target device's HTTP server (port 80)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/1302
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1154

Scores

EPSS 0.3500
EPSS Percentile 98.2%

Details

CWE
CWE-20
Status published
Products (39)
cisco/ios 11.1
cisco/ios 11.2
cisco/ios 11.2\(4\)f1
cisco/ios 11.2\(8\)
cisco/ios 11.2\(8\)p
cisco/ios 11.2\(9\)p
cisco/ios 11.2\(9\)xa
cisco/ios 11.2\(10\)
cisco/ios 11.2\(10\)bc
cisco/ios 11.2\(17\)
... and 29 more
Published Apr 26, 2000
Tracked Since Feb 18, 2026