CVE-2001-0871

Name of the Vulnerable Software and Affected Versions Alchemy Eye and Alchemy Network Monitor versions 2.0 through 3.0.10

Description A directory traversal issue in the HTTP server allows remote attackers to execute arbitrary commands via an HTTP request. This can be achieved by including a .. in the request for versions 2.0 through 2.6.18, or by using a DOS device name followed by a .. for versions 2.6.19 through 3.0.10.

Recommendations For versions 2.0 through 2.6.18, consider restricting access to the HTTP server until a patch is available. For versions 2.6.19 through 3.0.10, avoid using DOS device names in HTTP requests to minimize the risk of exploitation.