CVE-2026-31847
CWE-912Published: March 23, 2026· Updated: Mar 26, 2026
Official Description
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service on port 23. This exposes a privileged diagnostic interface that is not intended for external access and can be used to interact with the underlying system.
Technical Analysis
CVE-2026-31847 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.
Exploitation requires high privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
All References (2)
Quick Facts
Related CVEs (CWE-912)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-31847 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts