ГлавнаяУязвимости → CVE-2026-31851
9.8критическая

CVE-2026-31851

Описание

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restriction.

Затрагиваемое ПО
Nexxtsolutions Nebula300plus firmwareNexxtsolutions Nebula300plus
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.ziphttps://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/