← CVECheck
HomeVulnerabilities

CVE-2000-0886 — HIGH severity vulnerability (IIS 5.0 allows remote attackers to execute arbitrary command)

IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.

CVE IDCVE-2000-0886
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2000-12-19
Last modified2026-04-16
DescriptionIIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →