Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getnexx nxal-100 firmware vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-1748
The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with unauthenticated access to the Nexx Home mobile application or the affected firmware could view the credentials and access the MQ Telemetry Server (MQTT) server and the ability to remotely ...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
7.1
CVSSv3
CVE-2023-1750
The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could retrieve device history, set device settings, and retrieve device information.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
6.5
CVSSv3
CVE-2023-1749
The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
5.3
CVSSv3
CVE-2023-1751
The listed versions of Nexx Smart Home devices use a WebSocket server that does not validate if the bearer token in the Authorization header belongs to the device attempting to associate. This could allow any authorized user to receive alarm information and signals meant for othe...
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
4.3
CVSSv3
CVE-2023-1752
The listed versions of Nexx Smart Home devices could allow any user to register an already registered alarm or associated device with only the device’s MAC address.
Getnexx Nxal-100 Firmware
Getnexx Nxg-100b Firmware
Getnexx Nxpg-100w Firmware
Getnexx Nxg-200 Firmware
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started