漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+
Vulnerability Description
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without proper authentication. This allows unauthorized administrative access to protected endpoints.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Nexxt Solutions Nebula 300+ 安全漏洞
Vulnerability Description
Nexxt Solutions Nebula 300+是美国Nexxt Solutions公司的一款无线路由器。 Nexxt Solutions Nebula 300+ 12.01.01.37及之前版本存在安全漏洞,该漏洞源于身份验证材料存储不当,可能导致伪造有效管理会话。
CVSS Information
N/A
Vulnerability Type
N/A