CVE-2026-31847 HIGH

CVE-2026-31847: Hidden Functionality Enables Remote Telnet Activation via /goform/setSysTools in Nexxt Nebula 300+

Vendor Nexxt Solutions
Product Nebula 300+
Weakness CWE-912
Published March 23, 2026
Last update March 26, 2026

CVSS base score

8.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service on port 23. This exposes a privileged diagnostic interface that is not intended for external access and can be used to interact with the underlying system.

Key dates

02Disclosure timeline

March 23, 2026 CVE published
March 26, 2026 Record updated