Strix
26.1K

CVE-2001-1026

UnknownEPSS 1.58%

Last modified

CVE-2001-1026 is a vulnerability of currently unknown severity. Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.. EPSS estimates a 1.58% chance of exploitation in the next 30 days.

Description

Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.

Metrics

EPSS Probability
1.58%

72.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Trend MicroInterscan Applettrap2.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2001-1026?
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.
How severe is CVE-2001-1026?
Severity scoring for CVE-2001-1026 is pending analysis. The EPSS model estimates a 1.58% probability of exploitation in the next 30 days.
How do I fix CVE-2001-1026?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2001-1026?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST