Vulnerability Database

308,379

Total vulnerabilities in the database

CVE-2001-0452

BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.

Published: Jun 27, 2001
Updated: Nov 9, 2025
CVE: CVE-2001-0452
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
brs / webweaver	0.50_beta	0.50_beta.x
brs / webweaver	0.60_beta	0.60_beta.x
brs / webweaver	0.52_beta	0.52_beta.x
brs / webweaver	0.51_beta	0.51_beta.x
brs / webweaver	0.62_beta	0.62_beta.x
brs / webweaver	0.61_beta	0.61_beta.x
brs / webweaver	0.49_beta	0.49_beta.x

http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html
http://www.securityfocus.com/archive/1/180506
http://www.securityfocus.com/bid/2676

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo