CVE-2001-0669

Cisco Catalyst 6000 IDS Module and Secure IDS - HTTP Attack Evasion via Unicode Encoding

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0669. PoCs published by blackangels.

AI-analyzed exploit summary This exploit targets multiple Cisco vulnerabilities, including a Unicode encoding IDS bypass (CVE-2001-0669). It sends malformed requests to trigger DoS or unauthorized access, primarily focusing on Cisco IOS and Catalyst devices.

Description

Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.

Exploits (1)

exploitdb WORKING POC VERIFIED

by blackangels · perlremotemultiple

https://www.exploit-db.com/exploits/21100

View Code ZIP pw:eip

This exploit targets multiple Cisco vulnerabilities, including a Unicode encoding IDS bypass (CVE-2001-0669). It sends malformed requests to trigger DoS or unauthorized access, primarily focusing on Cisco IOS and Catalyst devices.

Classification

Working Poc 90%

Attack Type

Dos | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Cisco IOS, Cisco Catalyst, CiscoSecure ACS

No auth needed

Prerequisites: Network access to target device · Target running vulnerable Cisco software

MITRE ATT&CK

T1499 - Endpoint Denial of Service T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/548515

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/3292

Patch, Vendor Advisory vendor-advisory x_refsource_cisco

http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml

Patch, Vendor Advisory third-party-advisory x_refsource_iss

http://xforce.iss.net/alerts/advise95.php

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=99972950200602&w=2

Scores

EPSS 0.0439

EPSS Percentile 90.1%

Details

Status published

Products (8)

cisco/catalyst_6000_intrusion_detection_system_module

cisco/secure_intrusion_detection_system

enterasys/dragon 4.x

iss/realsecure_network_sensor 5.x

iss/realsecure_network_sensor 6.x

iss/realsecure_server_sensor 5.5

iss/realsecure_server_sensor 6.0

snort/snort 1.8.1

Published Oct 30, 2001

Tracked Since Feb 18, 2026