CVE-2006-3595

N/A Unknown

Published: July 18, 2006 Modified: April 16, 2026

Description

The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/21028

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1016476

Source: cve@mitre.org

http://www.cisco.com/warp/public/707/cisco-sa-20060712-crws.shtml

Source: cve@mitre.org

Patch

http://www.kb.cert.org/vuls/id/205225

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/27159

Source: cve@mitre.org

http://www.securityfocus.com/bid/18953

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2773

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27688

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5826

Source: cve@mitre.org

http://secunia.com/advisories/21028