CVE-2006-3595

The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.

Severity	HIGH
CVSS	7.5
CWE	NVD-CWE-Other
KEV
Published	19 years ago
Modified	1 month ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-20060712-crws
Cisco Nexus Dashboard	cisco-sa-20060712-crws
Cisco MDS 9000 Family of Multilayer Switches	cisco-sa-20060712-crws
Cisco IOS Software	cisco-sa-20060712-crws
Cisco Application Centric Infrastructure Virtual Edge	cisco-sa-20060712-crws
Cisco Router Web Setup Tool	cisco-sa-20060712-crws
Cisco IOS	cisco-sa-20060712-crws