CVE-2018-8755

CRITICAL

NuCom WR644GACV <STA006 - Info Disclosure

Title source: llm
STIX 2.1

Description

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0108
EPSS Percentile 61.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (1)
nucom/wr644gacv_firmware < sta006
Published Jun 25, 2018
Tracked Since Feb 18, 2026