CVE-2001-0074

Technote - Unauthenticated Directory Traversal via Board Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0074. PoCs published by bt.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Technote Inc.'s Multicommunication Package, specifically in the print.cgi script. The 'board' parameter is not sanitized, allowing attackers to read arbitrary files accessible to the web server process via '../' sequences.

Description

Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by bt · textremotecgi
https://www.exploit-db.com/exploits/20522

The exploit describes a directory traversal vulnerability in Technote Inc.'s Multicommunication Package, specifically in the print.cgi script. The 'board' parameter is not sanitized, allowing attackers to read arbitrary files accessible to the web server process via '../' sequences.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Technote Inc. Multicommunication Package (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable print.cgi script
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/153007
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2155

Scores

EPSS 0.0296
EPSS Percentile 85.6%

Details

Status published
Products (3)
technote_inc/technote 2000
technote_inc/technote 2001
technote_inc/technote pro
Published Feb 12, 2001
Tracked Since Feb 18, 2026