CVE-2003-1553

Sips - Information Disclosure

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1553. PoCs published by dwcgr0up.

AI-analyzed exploit summary This is a writeup describing an authentication bypass vulnerability in an unspecified SIP server software. The issue allows unauthenticated remote attackers to access user account information via a predictable URL path.

Description

Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.

Exploits (1)

exploitdb WRITEUP VERIFIED
by dwcgr0up · textremotemultiple
https://www.exploit-db.com/exploits/22381

This is a writeup describing an authentication bypass vulnerability in an unspecified SIP server software. The issue allows unauthenticated remote attackers to access user account information via a predictable URL path.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Unspecified SIP server software (likely Cisco SIP Proxy Server)
No auth needed
Prerequisites: Network access to the target SIP server · Knowledge of the first letter of a valid UserID
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11572
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3780
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/315504/30/25460/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/7134

Scores

EPSS 0.0210
EPSS Percentile 79.5%

Details

CWE
CWE-200
Status published
Products (1)
sips/sips 0.2.2
Published Dec 31, 2003
Tracked Since Feb 18, 2026