CVE-2025-5379: Hard-coded Credentials in NuCom NC-WR744G
A vulnerability classified as critical was found in NuCom NC-WR744G 8.5.5 Build 20200530.307. This vulnerability affects unknown code of the component Console Application. The manipulation of the argument CMCCAdmin/useradmin/CUAdmin leads to hard-coded credentials. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-5379 is a vulnerability identified in the NuCom NC-WR744G router, specifically version 8.5.5 Build 20200530.307. The issue arises from hard-coded credentials embedded within the Console Application component of the device's firmware. The vulnerability is triggered by manipulation of certain arguments, namely CMCCAdmin, useradmin, and CUAdmin, which correspond to privileged user accounts. Because these credentials are hard-coded and cannot be changed by the end user, an attacker can remotely exploit this flaw without requiring authentication or user interaction. The vulnerability allows an attacker to gain unauthorized access to the device's administrative interface, potentially enabling full control over the router. This could lead to interception or manipulation of network traffic, deployment of malicious configurations, or pivoting to other devices within the network. The vendor NuCom was notified early but has not responded or issued a patch, leaving the vulnerability unmitigated.
The CVSS 4.0 base score is 5.3, indicating a medium severity level. The vector indicates a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L, which in this context likely means no prior authentication), no user interaction (UI:N), and low impact on confidentiality (VC:L), with no impact on integrity or availability. Despite the medium rating, the presence of hard-coded credentials accessible remotely is a significant security risk, especially in network infrastructure devices like routers that serve as gateways for enterprise networks.
Potential Impact
For European organizations, exploitation of this vulnerability could have serious consequences. The NC-WR744G router is used in various small to medium enterprise and possibly some industrial environments. Unauthorized access to the router could allow attackers to intercept sensitive communications, redirect traffic to malicious sites, or establish persistent footholds within corporate networks. This could lead to data breaches, intellectual property theft, or disruption of business operations. Given the router's role in network connectivity, attackers could also launch further attacks against internal systems. The lack of vendor response and patch availability increases the risk exposure. Organizations relying on this device may face compliance issues with GDPR if personal data confidentiality is compromised. Additionally, critical infrastructure sectors using these routers could experience operational disruptions. The medium CVSS score may underestimate the real-world risk due to the nature of hard-coded credentials enabling easy unauthorized access.
Mitigation Recommendations
Since no official patch or vendor response is available, European organizations should apply compensating controls immediately. First, identify all instances of the NuCom NC-WR744G routers running the affected firmware version. Replace these devices with models from vendors with active security support where feasible. If replacement is not immediately possible, isolate the affected routers from direct internet exposure by placing them behind firewalls or VPNs that restrict access to trusted management networks only. Change default network configurations to limit management interface exposure. Monitor network traffic for unusual access patterns or unauthorized login attempts targeting these devices. Employ network segmentation to reduce the impact of a compromised router. Consider deploying intrusion detection/prevention systems (IDS/IPS) to detect exploitation attempts. Maintain strict logging and audit trails for router access. Finally, engage with NuCom or authorized resellers to demand security updates or firmware patches and stay informed about any future advisories.
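An added example of the monitoring step above (not part of the original advisory and not NuCom tooling): it flags login events that use the account names from the CVE description and rates them by whether the source sits inside a trusted management network. The normalized log line format, the management subnet, the device name and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Account names listed in the CVE-2025-5379 description (matched case-insensitively).
WATCHED_ACCOUNTS = {"cmccadmin", "useradmin", "cuadmin"}

# Assumption: router management is only expected from this subnet.
TRUSTED_MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Assumption: logs are normalized to
#   <timestamp> <device> login user=<name> src=<ip> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<device>\S+) login user=(?P<user>\S+) "
    r"src=(?P<src>\S+) result=(?P<result>ok|fail)$"
)

def is_trusted(src):
    """True only if src parses as an IP inside a trusted management network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # an unparseable source is never trusted
    return any(addr in net for net in TRUSTED_MGMT_NETS)

def find_alerts(lines):
    """Return one alert dict per login event that uses a watched account."""
    alerts = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["user"].lower() not in WATCHED_ACCOUNTS:
            continue  # malformed line or an account we are not watching
        if is_trusted(m["src"]):
            severity = "info"    # expected path, kept for the audit trail
        elif m["result"] == "ok":
            severity = "high"    # successful login from outside management
        else:
            severity = "medium"  # failed attempt from outside management
        alerts.append({"severity": severity, "ts": m["ts"], "device": m["device"],
                       "user": m["user"], "src": m["src"]})
    return alerts

# Constructed sample log lines (documentation IP ranges, hypothetical device name).
SAMPLE_LOG = [
    "2025-06-01T02:14:07Z rtr-branch-01 login user=CUAdmin src=203.0.113.45 result=ok",
    "2025-06-01T02:15:30Z rtr-branch-01 login user=useradmin src=198.51.100.7 result=fail",
    "2025-06-01T08:00:12Z rtr-branch-01 login user=CMCCAdmin src=10.20.0.15 result=ok",
    "2025-06-01T08:05:44Z rtr-branch-01 login user=netops src=10.20.0.15 result=ok",
    "malformed line",
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```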
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-05-30T11:34:52.148Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 683b076b182aa0cae2e401e4
Added to database: 5/31/2025, 1:43:07 PM
Last enriched: 7/8/2025, 1:40:02 PM
Last updated: 8/11/2025, 7:04:40 AM