Skip to main content

Nebula 300 CVE-2026-31850

| EUVDEUVD-2026-14419 MEDIUM
Plaintext Storage of a Password (CWE-256)
2026-03-23 TuranSec GHSA-hp8q-2fwx-rfc5
6.8
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Mar 23, 2026 - 12:45 euvd
EUVD-2026-14419
Analysis Generated
Mar 23, 2026 - 12:45 vuln.today
CVE Published
Mar 23, 2026 - 12:21 nvd
MEDIUM 6.8

DescriptionCVE.org

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files.

AnalysisAI

The Nexxt Solutions Nebula 300+ wireless router stores sensitive administrative credentials and WiFi pre-shared keys in plaintext within exported configuration backup files, enabling information disclosure through CWE-256 (Plaintext Storage of Password). This vulnerability affects firmware versions through 12.01.01.37 and allows an attacker who gains access to a backup file to immediately obtain full administrative and wireless network access without requiring cryptographic attacks. No CVSS score, EPSS data, or active KEV designation is currently available, but the plaintext credential exposure represents a critical risk for any environment relying on configuration backups.

Technical ContextAI

The Nexxt Solutions Nebula 300+ (cpe:2.3:a:nexxt_solutions:nebula_300+:*:*:*:*:*:*:*:*) is a wireless networking device that exports its operational configuration through a backup mechanism. This backup file contains sensitive authentication material, specifically administrative login credentials and WiFi pre-shared keys (PSKs), stored as plaintext rather than encrypted or hashed values. The root cause is classified under CWE-256 (Storage of Password in Plaintext), a fundamental secure coding violation where cryptographic controls for sensitive data at rest are absent. The vulnerability exists in the firmware's backup/export functionality, which serializes configuration without applying encryption or encoding transformations to credential fields before writing them to a file that may be transmitted, stored, or shared for administrative purposes.

RemediationAI

Upgrade Nexxt Solutions Nebula 300+ firmware to a version released after 12.01.01.37; consult https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/ for current patched releases and upgrade instructions. If patching is delayed, implement the following mitigations: store all configuration backup files only on encrypted storage media and encrypt backups in transit using SFTP or similar secure protocols; enforce strict access controls on backup files using OS-level permissions (readable only by necessary administrators); disable automatic backup export functionality if not required; and periodically audit for accidentally exposed backups in cloud storage, version control systems, or email. Rotate all administrative credentials and WiFi pre-shared keys immediately if any backup files may have been compromised or are unaccounted for.

Share

CVE-2026-31850 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy