Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-31848
PUBLISHED
More InfoOfficial Page
Assigner-TuranSec
Assigner Org ID-309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c
View Known Exploited Vulnerability (KEV) details
Published At-23 Mar, 2026 | 12:09
Updated At-26 Mar, 2026 | 10:45
Rejected At-
▼CVE Numbering Authority (CNA)
Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without proper authentication. This allows unauthorized administrative access to protected endpoints.

Affected Products
Vendor
Nexxt Solutions
Product
Nebula 300+
Default Status
affected
Versions
Affected
  • <= 12.01.01.37
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312 Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312 Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
N/AAn attacker who obtains or reconstructs the ecos_pw cookie value can authenticate as an administrator and gain unauthorized access to the device.
CAPEC ID: N/A
Description: An attacker who obtains or reconstructs the ecos_pw cookie value can authenticate as an administrator and gain unauthorized access to the device.
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Angel Barre (call4pwn)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/
N/A
https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip
N/A
Hyperlink: https://www.nexxtsolutions.com/connectivity/internal-products/ARN02304U6/
Resource: N/A
Hyperlink: https://nexxt-connectivity-frontend.s3.amazonaws.com/media/docs/Nebula300+_v12.01.01.37.zip
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found