彙總 nexxtsolutions 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 CSRF 等安全問題,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-31851 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restriction. | 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c | 7.7 | 0.33% | 2026-03-23 | 2026-06-17 |
| CVE-2026-31850 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other weaknesses and do not apply encryption or hashing, allowing attackers to directly extract sensitive information. | 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c | 6.8 | 0.18% | 2026-03-23 | 2026-06-17 |
| CVE-2026-31849 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an authenticated administrator’s browser, leading to unauthorized configuration changes, including enabling services or modifying system settings. | 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c | 7.2 | 0.12% | 2026-03-23 | 2026-06-17 |
| CVE-2026-31848 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without proper authentication. This allows unauthorized administrative access to protected endpoints. | 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c | 8.7 | 0.28% | 2026-03-23 | 2026-06-17 |
| CVE-2026-31847 | Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service on port 23. This exposes a privileged diagnostic interface that is not intended for external access and can be used to interact with the underlying system. | 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c | 8.5 | 0.42% | 2026-03-23 | 2026-06-17 |
| CVE-2022-46080 | Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET. | [email protected] | 9.8 | 2.32% | 2023-07-05 | 2026-06-17 |
| CVE-2022-44149 | The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required | [email protected] | 8.8 | 64.35% | 2023-01-06 | 2026-06-17 |