CVE-2002-2154

Monkey HTTP Daemon 0.1.4 - Path Traversal via Dot Dot Sequences

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-2154. PoCs published by DownBload, Hirainsingadia.

AI-analyzed exploit summary This exploit targets a directory traversal vulnerability in Monkey HTTP server 0.1.4, allowing attackers to read arbitrary files by sending a crafted HTTP GET request. The script first probes the target to confirm it is running the vulnerable server before attempting the traversal attack.

Description

Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.

Exploits (2)

exploitdb WORKING POC VERIFIED
by DownBload · perlremotelinux
https://www.exploit-db.com/exploits/21857

This exploit targets a directory traversal vulnerability in Monkey HTTP server 0.1.4, allowing attackers to read arbitrary files by sending a crafted HTTP GET request. The script first probes the target to confirm it is running the vulnerable server before attempting the traversal attack.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Monkey HTTP server 0.1.4
No auth needed
Prerequisites: Network access to the target server · Monkey HTTP server 0.1.4 running on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by Hirainsingadia · poc
https://github.com/Hirainsingadia/CVE-2002-2154

This is a functional exploit for CVE-2002-2154, targeting a path traversal vulnerability in Monkey HTTP Server 0.1.4. It sends a crafted HTTP GET request to retrieve arbitrary files from the server.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Monkey HTTP Server 0.1.4
No auth needed
Prerequisites: Network access to the target server · Monkey HTTP Server 0.1.4 running on the target
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5792
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10188.php
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0298.html

Scores

EPSS 0.0757
EPSS Percentile 93.8%

Details

CWE
CWE-22
Status published
Products (1)
monkey-project/monkey 0.1.4
Published Dec 31, 2002
Tracked Since Feb 18, 2026