Nebula 300 Tenda F3 V2 0 Firmware
Monthly
An unauthenticated credential disclosure vulnerability exists in the /goform/ate endpoint of Nexxt Solutions Nebula 300+ firmware (including Tenda F3 v2.0 rebranded variants) through version 12.01.01.37, allowing adjacent network attackers to retrieve the Base64-encoded administrator password without authentication. The recovered credentials enable full device authentication and privilege escalation, facilitating further compromise when combined with other firmware weaknesses. No active KEV listing or public POC availability is currently documented, though the CVSS 6.5 score reflects the significant confidentiality impact despite network-adjacency requirement.
An unauthenticated credential disclosure vulnerability exists in the /goform/ate endpoint of Nexxt Solutions Nebula 300+ firmware (including Tenda F3 v2.0 rebranded variants) through version 12.01.01.37, allowing adjacent network attackers to retrieve the Base64-encoded administrator password without authentication. The recovered credentials enable full device authentication and privilege escalation, facilitating further compromise when combined with other firmware weaknesses. No active KEV listing or public POC availability is currently documented, though the CVSS 6.5 score reflects the significant confidentiality impact despite network-adjacency requirement.