cbcvebase.

Nexxt Solutions Nebula 300 vulnerabilities

5 known vulnerabilities affecting nexxt_solutions/nebula_300.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2026-31848P2CRITICALCVSS 9.8≤ 12.01.01.372026-03-23
CVE-2026-31848 [CRITICAL] CWE-312 CVE-2026-31848: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authent Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without proper authentication. This al
nvd
CVE-2026-31851P2CRITICALCVSS 9.8≤ 12.01.01.372026-03-23
CVE-2026-31851 [CRITICAL] CWE-307 CVE-2026-31851: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restri
nvd
CVE-2026-31847P2HIGHCVSS 8.8≤ Nebula300+_v12.01.01.372026-03-23
CVE-2026-31847 [HIGH] CWE-912 CVE-2026-31847: Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware thr Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service on port 23. This exposes a privil
nvd
CVE-2026-31849P3MEDIUMCVSS 6.5≤ 12.01.01.372026-03-23
CVE-2026-31849 [MEDIUM] CWE-352 CVE-2026-31849: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an authenticated administrator’s browser, leading to unauthoriz
nvd
CVE-2026-31850P4MEDIUMCVSS 4.9≤ 12.01.01.372026-03-23
CVE-2026-31850 [MEDIUM] CWE-256 CVE-2026-31850: Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, inclu Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other weaknesses and do not apply encryption or hashing, allowing
nvd
Nexxt Solutions Nebula 300 vulnerabilities | cvebase