CVE-2001-0748

acme_server 1.7 - Unauthenticated Arbitrary File Read via URI Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0748. PoCs published by Adnan Rahman.

AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in Acme.Serve 1.7, where the embedded webserver allows unauthenticated remote access to filesystem contents, including sensitive files like '/etc/shadow'.

Description

Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Adnan Rahman · textremotemultiple
https://www.exploit-db.com/exploits/20894

This is a writeup describing an information disclosure vulnerability in Acme.Serve 1.7, where the embedded webserver allows unauthenticated remote access to filesystem contents, including sensitive files like '/etc/shadow'.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Acme.Serve 1.7
No auth needed
Prerequisites: Network access to port 9090 on the target system
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/warp/public/707/acmeweb-acsunix-dirtravers-vuln-pub.shtml
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2809
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/188141
Broken Link vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/6634.php
Broken Link vdb-entry x_refsource_osvdb
http://www.osvdb.org/5544

Scores

EPSS 0.0921
EPSS Percentile 94.8%

Details

CWE
CWE-20
Status published
Products (1)
acme_labs/acme_server 1.7
Published Oct 18, 2001
Tracked Since Feb 18, 2026