CVE-2026-31851

N/A Unknown
Published: March 23, 2026 Modified: March 26, 2026
View on NVD

Description

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrative credentials without restriction.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip
Source: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c
https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/
Source: 309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c

2 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.0%
10th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-307

Related CVEs

CVE-2026-4049 N/A
CVE-2026-41455 8.5
CVE-2026-41454 8.3
CVE-2026-41314 N/A
CVE-2026-41313 N/A