CVE-2001-0075

Technote - Directory Traversal via Filename Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0075. PoCs published by Ksecurity.

AI-analyzed exploit summary This exploit targets a directory traversal and command execution vulnerability in Technote Inc.'s main.cgi script. It allows an attacker to read arbitrary files and execute system commands by manipulating the 'filename' parameter.

Description

Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ksecurity · perlremotecgi

https://www.exploit-db.com/exploits/20523

View Code ZIP pw:eip

This exploit targets a directory traversal and command execution vulnerability in Technote Inc.'s main.cgi script. It allows an attacker to read arbitrary files and execute system commands by manipulating the 'filename' parameter.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Technote Inc. multi-communication package (main.cgi)

No auth needed

Prerequisites: Network access to the vulnerable web server · Technote Inc. software with vulnerable main.cgi script

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/153212

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2156

Scores

EPSS 0.0648

EPSS Percentile 92.9%

Details

Status published

Products (3)

technote_inc/technote 2000

technote_inc/technote 2001

technote_inc/technote pro

Published Feb 12, 2001

Tracked Since Feb 18, 2026