Unauthenticated Configuration File Download Vulnerability in NuCom WR644GACV Devices

Unauthenticated Configuration File Download Vulnerability in NuCom WR644GACV Devices

CVE-2018-8755 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.

Learn more about our Web Application Penetration Testing UK.