Hernán Moller

**Name of the Vulnerable Software and Affected Versions** NuCom WR644GACV devices before STA006 **Description** The issue allows an attacker to download the configuration file without credentials. By doing so, an attacker can access the admin password, WPA key, and any configuration information of the device. **Recommendations** For NuCom WR644GACV devices before STA006, update to STA006 or later to resolve the issue. As a temporary workaround, consider restricting access to the device's configuration file until a patch is available.