← Volver a CVEs
CVE-2026-31851
N/ADescripcion
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restriction.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado3/23/2026
Ultima modificacion3/26/2026
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-307
Referencias
https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip(309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c)
https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/(309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.