CVE-2025-5379

Name of the Vulnerable Software and Affected Versions NuCom NC-WR744G version 8.5.5 Build 20200530.307

Description A critical vulnerability was found in the Console Application component of the affected software. The issue involves the manipulation of the CMCCAdmin/useradmin/CUAdmin argument, leading to the exposure of hard-coded credentials. This vulnerability can be exploited remotely. The vendor was contacted about this issue but did not respond.

Recommendations For NuCom NC-WR744G version 8.5.5 Build 20200530.307, as a temporary workaround, consider restricting access to the Console Application component until a patch is available. Avoid using the CMCCAdmin/useradmin/CUAdmin argument in the affected application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.