Description
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an authenticated administrator’s browser, leading to unauthorized configuration changes, including enabling services or modifying system settings.
Published: 2026-03-23
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized configuration changes via CSRF in administrative interfaces
Action: Apply Update
AI Analysis

Impact

Nexxt Solutions Nebula 300+ firmware versions up to 12.01.01.37 lack CSRF protection on admin endpoints such as /goform/setSysTools. An attacker who succeeds in inducing an authenticated administrator’s browser to send forged requests can change configuration settings, enabling services or altering system parameters without the user’s knowledge.

Affected Systems

The vulnerability affects the Nexxt Solutions Nebula 300+ product line, specifically firmware releases up to version 12.01.01.37. Devices running any of these firmware versions are susceptible.

Risk and Exploitability

The CVSS score of 7.2 indicates a moderate to high impact; the EPSS score is below 1%, and the issue is not listed in the CISA KEV catalog. Although no exploitation has been observed, the attack vector is inferred to be web-based, relying on CSRF to act through an authenticated administrator's session. Given the right conditions, an attacker could alter the configuration to a detrimental state.

Generated by OpenCVE AI on March 26, 2026 at 12:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify the current firmware version on each Nebula 300+ device
  • Download the latest firmware release from the Nexxt Solutions official site
  • Apply the firmware upgrade following the vendor’s documented procedures
  • Confirm that CSRF protections are active on administrative endpoints after the update
  • Continuously monitor configuration changes and restrict administrative access to trusted IP addresses

Generated by OpenCVE AI on March 26, 2026 at 12:22 UTC.
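The control CWE-352 names as missing here, shown as a constructed example rather than Nexxt firmware code: a gate a firmware web server could place in front of state-changing /goform/ handlers such as /goform/setSysTools, which checks the browser-supplied Origin (or Referer) against the device's Host header and requires a per-session synchronizer token that a cross-site page cannot read. The string-based handler interface, the header values passed as C strings and the device address 192.168.0.1 used in the tests are all assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Constant-time string equality: token mismatches leak no timing signal. */
static bool ct_equal(const char *a, const char *b) {
    size_t la = strlen(a), lb = strlen(b);
    unsigned char diff = (unsigned char)(la ^ lb);
    for (size_t i = 0; i < la && i < lb; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* True when url is "http(s)://<host>" followed by nothing or a path, where
 * <host> equals the request's Host header (host[:port]). A different port,
 * or a host that merely starts with ours, does not match. */
static bool url_has_host(const char *url, const char *host) {
    const char *p = url;
    if (strncasecmp(p, "https://", 8) == 0) p += 8;
    else if (strncasecmp(p, "http://", 7) == 0) p += 7;
    else return false;
    size_t hl = strlen(host);
    if (strncasecmp(p, host, hl) != 0) return false;
    return p[hl] == '\0' || p[hl] == '/';
}

/* Assumed gate for state-changing handlers such as /goform/setSysTools.
 * origin, referer and form_token may be NULL when the header/field is absent;
 * session_token is the value the server issued to this login session.
 * Returns true only if the request may proceed; every failure fails closed. */
bool csrf_allow(const char *method, const char *host, const char *origin,
                const char *referer, const char *session_token,
                const char *form_token) {
    /* 1. Only POST may change state: a GET that changes state can be
     *    triggered by a bare image load, so reject it outright. */
    if (method == NULL || strcmp(method, "POST") != 0) return false;
    if (host == NULL || session_token == NULL) return false;
    /* 2. Browser-asserted source must be this device. Origin is preferred;
     *    Referer is the fallback. Neither present: deny, do not guess. */
    const char *src = origin ? origin : referer;
    if (src == NULL || !url_has_host(src, host)) return false;
    /* 3. Synchronizer token: the form must echo the per-session secret,
     *    which a page on another origin cannot read. */
    if (form_token == NULL || !ct_equal(form_token, session_token)) return false;
    return true;
}
```

Either check alone would already block the cross-site form post the advisory describes; keeping both means a stripped Referer (privacy extensions) or a leaked token does not by itself reopen the hole.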

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 17:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Nexxtsolutions nebula300plus; Nexxtsolutions nebula300plus Firmware
CPEs | (none) | cpe:2.3:h:nexxtsolutions:nebula300plus:-:*:*:*:*:*:*:*; cpe:2.3:o:nexxtsolutions:nebula300plus_firmware:*:*:*:*:*:*:*:*
Vendors & Products | (none) | Nexxtsolutions nebula300plus; Nexxtsolutions nebula300plus Firmware
Metrics | (none) | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}

Thu, 26 Mar 2026 11:00:00 +0000

Type | Values Removed | Values Added
Description | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing administrative endpoints. A remote attacker can induce an authenticated administrator to submit crafted requests that modify device settings, including security-relevant configuration, without the administrator's intent. | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an authenticated administrator's browser, leading to unauthorized configuration changes, including enabling services or modifying system settings.
Title | Missing CSRF protection on state-changing endpoints in Nexxt Nebula 300+ | Missing CSRF Protection on Administrative Endpoints in Nexxt Nebula 300+

Tue, 24 Mar 2026 10:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | Nexxtsolutions; Nexxtsolutions nebula300+
Vendors & Products | (none) | Nexxtsolutions; Nexxtsolutions nebula300+

Mon, 23 Mar 2026 16:15:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 23 Mar 2026 12:45:00 +0000

Type | Values Removed | Values Added
Description | (none) | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing administrative endpoints. A remote attacker can induce an authenticated administrator to submit crafted requests that modify device settings, including security-relevant configuration, without the administrator's intent.
Title | (none) | Missing CSRF protection on state-changing endpoints in Nexxt Nebula 300+
Weaknesses | (none) | CWE-352
References | (none) | (none)
Metrics | (none) | cvssV4_0 {'score': 7.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: TuranSec

Published:

Updated: 2026-03-26T10:45:40.996Z

Reserved: 2026-03-09T18:20:23.399Z

Link: CVE-2026-31849

Vulnrichment

Updated: 2026-03-23T15:17:49.181Z

NVD

Status: Analyzed

Published: 2026-03-23T13:16:30.640

Modified: 2026-04-29T17:43:33.623

Link: CVE-2026-31849

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-26T13:55:18Z

Weaknesses