Skip to main content

Nebula 300 EUVDEUVD-2026-14417

| CVE-2026-31849 HIGH
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-03-23 TuranSec
7.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

4
Re-analysis Queued
Apr 29, 2026 - 17:52 vuln.today
cvss_changed
EUVD ID Assigned
Mar 23, 2026 - 12:45 euvd
EUVD-2026-14417
Analysis Generated
Mar 23, 2026 - 12:45 vuln.today
CVE Published
Mar 23, 2026 - 12:16 nvd
HIGH 7.2

DescriptionCVE.org

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing administrative endpoints. A remote attacker can induce an authenticated administrator to submit crafted requests that modify device settings, including security-relevant configuration, without the administrator's intent.

AnalysisAI

This vulnerability is a Cross-Site Request Forgery (CSRF) flaw affecting the Nexxt Solutions Nebula 300+ device firmware through version 12.01.01.37, where state-changing administrative endpoints lack proper CSRF protections. An attacker can trick an authenticated administrator into submitting malicious requests that modify critical device settings, including security configurations, without the administrator's knowledge or consent. No CVSS score or EPSS data is currently available, and the vulnerability has not been confirmed as actively exploited in the wild, though the lack of CSRF protections on administrative functions represents a significant trust boundary violation.

Technical ContextAI

The vulnerability stems from improper implementation of CSRF defenses on state-changing HTTP endpoints in the Nebula 300+ device management interface. CSRF (CWE-352) occurs when an application fails to validate that requests originate from legitimate users by implementing anti-CSRF tokens, SameSite cookie attributes, or origin validation. The Nexxt Solutions Nebula 300+ (CPE: cpe:2.3:a:nexxt_solutions:nebula_300+:*:*:*:*:*:*:*:*) is a network connectivity device whose firmware processes administrative commands without adequate cross-origin request verification. Because the device firmware is web-administered and targeted at authenticated users with elevated privileges, exploitation could lead to unauthorized changes to network configuration, firewall rules, VPN settings, or other security-critical parameters that would normally require explicit administrative action.

RemediationAI

Upgrade the Nebula 300+ device firmware to a version released after 12.01.01.37, which should include CSRF token validation and proper origin/referer checking on state-changing endpoints. Consult the Nexxt Solutions product page (https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/) for the latest firmware release. Until patching is possible, implement network-level mitigations: restrict access to the device management interface to trusted IP ranges using a firewall or VPN gateway, disable remote management protocols if not actively needed, and enforce that all administrative users access the device only from protected networks where malicious CSRF pages cannot be injected. Additionally, educate administrative users to avoid clicking untrusted links while logged into the device management interface, and consider using a separate browser session or device for device administration.

Share

EUVD-2026-14417 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy