CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1749

The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.8%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-1749

Getnexx » Nxal-100 » Version: N/A

cpe:2.3:h:getnexx:nxal-100:-
Getnexx » Nxg-100b » Version: N/A

cpe:2.3:h:getnexx:nxg-100b:-
Getnexx » Nxg-200 » Version: N/A

cpe:2.3:h:getnexx:nxg-200:-
Getnexx » Nxpg-100w » Version: N/A

cpe:2.3:h:getnexx:nxpg-100w:-
Getnexx » Nxal-100 Firmware » Version: Any

cpe:2.3:o:getnexx:nxal-100_firmware:*
Getnexx » Nxg-100b Firmware » Version: Any

cpe:2.3:o:getnexx:nxg-100b_firmware:*
Getnexx » Nxg-200 Firmware » Version: Any

cpe:2.3:o:getnexx:nxg-200_firmware:*
Getnexx » Nxpg-100w Firmware » Version: Any

cpe:2.3:o:getnexx:nxpg-100w_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1749

Products

Pricing

Contact Us