Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.8 views

CVE-2026-31850

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other...

6.8CVSS5.8AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.7 views

CVE-2026-31848

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecospw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References1
NVD
NVD
added 2026/03/23 1:16 p.m.5 views

CVE-2026-31851

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attack...

9.8CVSS0.00333EPSS
Exploits0References2
CVE
CVE
added 2026/03/23 12:21 p.m.8 views

CVE-2026-31850

CVE-2026-31850 affects Nexxt Solutions Nebula 300+ firmware up to 12.01.01.37. The vulnerability arises because administrative credentials and WiFi pre‑shared keys are stored in plaintext inside exported configuration backup files, enabling exposure if backups are accessed. CVSS 4.0 base score 6....

6.8CVSS5.8AI score0.00178EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 12:21 p.m.1 views

CVE-2026-31850 Plaintext Storage of Credentials in Configuration Backup in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other...

6.8CVSS5.8AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/23 12:21 p.m.24 views

CVE-2026-31850 Plaintext Storage of Credentials in Configuration Backup in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other...

6.8CVSS0.00178EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/23 12:7 p.m.5 views

CVE-2026-31847 Hidden Functionality Enables Remote Telnet Activation via /goform/setSysTools in Nexxt Nebula 300+

Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can...

8.5CVSS5.9AI score0.00424EPSS
Exploits0References2
CVE
CVE
added 2026/03/23 12:7 p.m.14 views

CVE-2026-31847

CVE-2026-31847 concerns Nexxt Solutions Nebula 300+ devices running firmware up to 12.01.01.37. A hidden functionality in the /goform/setSysTools endpoint can remotely enable Telnet, which then exposes a privileged diagnostic management interface over the network. This increases attack surface an...

8.8CVSS5.9AI score0.00424EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.4 views

PT-2026-27118

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout on the authentication interface...

7.7CVSS5.8AI score0.00333EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.15 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from the lack of cross-site request forgery protection in the status change manageme...

7.2CVSS5.7AI score0.00117EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.10 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from a hidden feature in the /goform/setSysTools endpoint, which may lead to the...

8.8CVSS5.8AI score0.00424EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.4 views

PT-2026-27117

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files...

6.8CVSS5.8AI score0.00178EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the Nexxt Solutions company in the United States. Versions of the Nebula 300+ with the software version 12.01.01.37 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of rate limits on the...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References2
Rows per page
Query Builder