CVE-2001-0206

Soft Lite ServerWorx 3.00 - Directory Traversal via HTTP GET Pathname

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0206. PoCs published by joetesta.

AI-analyzed exploit summary This exploit describes a directory traversal vulnerability in ServerWorx, allowing remote users to access files outside the web root via '../' or '.../' sequences in the URL. The provided examples demonstrate the attack vector but do not include executable code.

Description

Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.

Exploits (1)

exploitdb WRITEUP VERIFIED

by joetesta · textremotewindows

https://www.exploit-db.com/exploits/20616

View Code ZIP pw:eip

This exploit describes a directory traversal vulnerability in ServerWorx, allowing remote users to access files outside the web root via '../' or '.../' sequences in the URL. The provided examples demonstrate the attack vector but do not include executable code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: ServerWorx (version not specified)

No auth needed

Prerequisites: Access to the target ServerWorx instance

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2346

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-02/0137.html

Scores

EPSS 0.0670

EPSS Percentile 93.1%

Details

Status published

Products (1)

soft_lite/serverworx 3.00

Published Jun 02, 2001

Tracked Since Feb 18, 2026