NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.
References
Link | Resource |
---|---|
https://blog.nivel4.com/investigaciones/vulnerabilidad-en-los-dispositivos-nucom-wr644gacv/ | Third Party Advisory |
https://blog.nivel4.com/investigaciones/vulnerabilidad-en-los-dispositivos-nucom-wr644gacv/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.nivel4.com/investigaciones/vulnerabilidad-en-los-dispositivos-nucom-wr644gacv/ - Third Party Advisory |
Information
Published : 2018-06-25 15:29
Updated : 2024-11-21 04:14
NVD link : CVE-2018-8755
Mitre link : CVE-2018-8755
CVE.ORG link : CVE-2018-8755
JSON object : View
Products Affected
nucom
- wr644gacv_firmware
- wr644gacv
CWE
CWE-862
Missing Authorization