CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-31851

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restriction.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip
https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/

Products affected by CVE-2026-31851

Nexxtsolutions » Nebula300plus » Version: N/A

cpe:2.3:h:nexxtsolutions:nebula300plus:-
Nexxtsolutions » Nebula300plus Firmware » Version: Any

cpe:2.3:o:nexxtsolutions:nebula300plus_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-31851

Products

Pricing

Contact Us