Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/03/26 2:59 p.m.7 views

CVE-2026-31848

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecospw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References1
nvd
nvd
added 2026/03/23 1:16 p.m.15 views

CVE-2026-31847

Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can...

8.8CVSS0.00424EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/23 12:0 a.m.8 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from improper storage of authentication materials, which could lead to the creation ...

9.8CVSS5.8AI score0.00281EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/23 12:0 a.m.17 views

Nexxt Solutions Nebula 300+ 安全漏洞

The Nexxt Solutions Nebula 300+ is a wireless router produced by the American company Nexxt Solutions. Versions of the Nebula 300+ prior to 12.01.01.37 contain security vulnerabilities. These vulnerabilities stem from the lack of cross-site request forgery protection in the status change manageme...

7.2CVSS5.7AI score0.00117EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/23 12:0 a.m.4 views

PT-2026-27117

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files...

6.8CVSS5.8AI score0.00178EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/23 12:0 a.m.6 views

PT-2026-27116

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing administrative endpoints. A remote attacker can induce an authenticated administrator to submit crafted requests that modify device settings, including security-relevant...

7.2CVSS5.9AI score0.00117EPSS
Exploits0References3
Rows per page
Query Builder