• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco Router Web Setup (CRWS) Authentication Bypass Vulnerability

Cisco Router Web Setup (CRWS) is prone to a remote authentication-bypass vulnerability. This issue is due to the application's failure to ensure that remote web-based users are properly authenticated.

This issue allows remote attackers to gain administrative access to affected routers. This may aid them in further attacks.

CRWS for Cisco SOHO and Cisco 800 series routers with versions prior to 3.3.0 build 31 were identified as vulnerable to this issue.

This vulnerability is documented in Cisco Bug ID CSCsa78190.