← Back to CVEs
CVE-2026-31850
N/ADescription
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other weaknesses and do not apply encryption or hashing, allowing attackers to directly extract sensitive information.
CVE Details
CVSS v3.1 ScoreN/A
Published3/23/2026
Last Modified3/26/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-256
References
https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip(309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c)
https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/(309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.