Unrated severityNVD Advisory· Published Jul 18, 2006· Updated Jun 16, 2026

CVE-2006-3595

Description

The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Cisco Systems, Inc./Router Web Setup2 versions
cpe:2.3:a:cisco:router_web_setup:3.3.0_build_30:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:router_web_setup:3.3.0_build_30:*:*:*:*:*:*:*
- (no CPE)range: <3.3.0 build 31

Patches

Vulnerability mechanics

References

www.cisco.com/warp/public/707/cisco-sa-20060712-crws.shtmlnvdPatch
secunia.com/advisories/21028nvdVendor Advisory
www.kb.cert.org/vuls/id/205225nvdUS Government Resource
securitytracker.com/idnvd
www.osvdb.org/27159nvd
www.securityfocus.com/bid/18953nvd
www.vupen.com/english/advisories/2006/2773nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27688nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5826nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000