Skip to main content

Nebula 300 CVE-2026-31847

| EUVDEUVD-2026-14413 HIGH
Hidden Functionality (CWE-912)
2026-03-23 TuranSec
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

4
Re-analysis Queued
Apr 29, 2026 - 17:52 vuln.today
cvss_changed
EUVD ID Assigned
Mar 23, 2026 - 12:45 euvd
EUVD-2026-14413
Analysis Generated
Mar 23, 2026 - 12:45 vuln.today
CVE Published
Mar 23, 2026 - 12:07 nvd
HIGH 8.5

DescriptionCVE.org

Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. Once enabled, the service exposes a privileged diagnostic management interface over the network, increasing the attack surface and enabling further compromise of the device.

AnalysisAI

A hidden functionality vulnerability exists in the /goform/setSysTools endpoint of Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37, allowing unauthenticated remote attackers to enable a Telnet service that exposes a privileged diagnostic management interface. This significantly expands the attack surface and enables further device compromise through an unencrypted network protocol. No CVSS score, EPSS data, or KEV status is currently available, but the severity is elevated given the remote nature of exploitation and the direct access to privileged diagnostic functions.

Technical ContextAI

The vulnerability resides in improper access control to hidden administrative functionality within the Nebula 300+ network device firmware (CPE: cpe:2.3:a:nexxt_solutions:nebula_300+:*:*:*:*:*:*:*:*). The root cause falls under CWE-912 (Hidden Functionality), which describes situations where code exists but is not intended to be visible or callable through normal interfaces, yet remains accessible through direct invocation. The /goform/setSysTools endpoint fails to properly validate authorization before allowing enablement of the Telnet service, a cleartext remote administration protocol that typically requires authentication but may expose diagnostic capabilities with reduced or no credential requirements. This represents a design flaw where privileged functionality was left accessible despite ostensibly being disabled or hidden from the standard user interface.

RemediationAI

Upgrade Nexxt Solutions Nebula 300+ firmware to a version later than 12.01.01.37 as released by the vendor. Check the official Nexxt Solutions support portal and the product documentation at https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/ for the latest patched firmware. If immediate patching is not possible, implement network access controls by restricting access to the device's administrative interface to trusted IP ranges only, disable Telnet at the firewall level if it is not required, and monitor device logs for suspicious HTTP requests to /goform/setSysTools. Consider placing the device on an isolated management network segment separate from production traffic.

Share

CVE-2026-31847 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy