CVE-2001-0274

kicq IRC client <1.0.0 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0274. PoCs published by Marc Roessler.

AI-analyzed exploit summary This is a writeup describing a vulnerability in KICQ where shell metacharacters embedded in a URL can lead to remote command execution when a user clicks the link. The exploit leverages improper handling of URLs to execute arbitrary commands with the privileges of the KICQ user.

Description

kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Marc Roessler · textremoteunix
https://www.exploit-db.com/exploits/20660

This is a writeup describing a vulnerability in KICQ where shell metacharacters embedded in a URL can lead to remote command execution when a user clicks the link. The exploit leverages improper handling of URLs to execute arbitrary commands with the privileges of the KICQ user.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: KICQ (versions not specified)
No auth needed
Prerequisites: Attacker must send a malicious URL to the target user · Target user must click the URL
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6112
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0536.html
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-02/0276.html

Scores

EPSS 0.0382
EPSS Percentile 88.8%

Details

Status published
Products (1)
kicq/kicq 1.0.0
Published May 03, 2001
Tracked Since Feb 18, 2026