CVE-2018-8755

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nucom:wr644gacv_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:nucom:wr644gacv:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:14

Type Values Removed Values Added
References () https://blog.nivel4.com/investigaciones/vulnerabilidad-en-los-dispositivos-nucom-wr644gacv/ - Third Party Advisory () https://blog.nivel4.com/investigaciones/vulnerabilidad-en-los-dispositivos-nucom-wr644gacv/ - Third Party Advisory

Information

Published : 2018-06-25 15:29

Updated : 2024-11-21 04:14


NVD link : CVE-2018-8755

Mitre link : CVE-2018-8755

CVE.ORG link : CVE-2018-8755


JSON object : View

Products Affected

nucom

  • wr644gacv_firmware
  • wr644gacv
CWE
CWE-862

Missing Authorization