Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hidden Functionality Enables Remote Telnet Activation via /goform/setSysTools in Nexxt Nebula 300+
Vulnerability Description
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service on port 23. This exposes a privileged diagnostic interface that is not intended for external access and can be used to interact with the underlying system.
CVSS Information
N/A
Vulnerability Type
隐藏功能
Vulnerability Title
Nexxt Solutions Nebula 300+ 安全漏洞
Vulnerability Description
Nexxt Solutions Nebula 300+是美国Nexxt Solutions公司的一款无线路由器。 Nexxt Solutions Nebula 300+ 12.01.01.37及之前版本存在安全漏洞,该漏洞源于/goform/setSysTools端点存在隐藏功能,可能导致远程启用Telnet服务。
CVSS Information
N/A
Vulnerability Type
N/A