Hard-Coded Credentials Vulnerability in NuCom NC-WR744G Console Application
CVE-2025-5379

5.3MEDIUM

Key Information:

Vendor

Nucom

Status
Nc-wr744g
Vendor
CVE Published:
31 May 2025

What is CVE-2025-5379?

A security issue has been identified in the NuCom NC-WR744G 8.5.5 Build 20200530.307 involving the Console Application. This vulnerability stems from improper handling of arguments in the component, specifically with the path CMCCAdmin/useradmin/CUAdmin, which exposes hard-coded credentials. Attackers can exploit this flaw remotely, gaining unauthorized access to sensitive system functions. Despite attempts to notify the vendor, there has been no response, emphasizing the importance of addressing this vulnerability urgently to protect users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NC-WR744G 8.5.5 Build 20200530.307

References

https://vuldb.com/?id.310672
vdb-entrytechnical-description
https://vuldb.com/?ctiid.310672
signaturepermissions-required
https://vuldb.com/?submit.582868
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

matuii (VulDB User)
JSON
.