Loading
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
Use CWE-287, Cisco vendor hub and Ios product page to widen CVE-2001-0537 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-20352, CVE-2025-20363 and CVE-2025-20154 for nearby disclosures in the same product family. Additional editorial context is available in The Weekly Cybersecurity Brief: January 30th, 2026.