The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5412
http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml