The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) prior to 3.3.0 build 31 does not require credentials, which allows remote malicious users to access the server with arbitrary privilege levels, aka bug CSCsa78190.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco router web setup 3.3.0_build_30 |