Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+
Vulnerability Description
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without proper authentication. This allows unauthorized administrative access to protected endpoints.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Nexxt Solutions Nebula 300+ 安全漏洞
Vulnerability Description
Nexxt Solutions Nebula 300+是美国Nexxt Solutions公司的一款无线路由器。 Nexxt Solutions Nebula 300+ 12.01.01.37及之前版本存在安全漏洞,该漏洞源于身份验证材料存储不当,可能导致伪造有效管理会话。
CVSS Information
N/A
Vulnerability Type
N/A