Unauthenticated Configuration File Download Vulnerability in NuCom WR644GACV Devices
CVE-2018-8755 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.
Learn more about our Web Application Penetration Testing UK.