Naxclow

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-50101	Naxclow Naxclow	hig	0.53	8.1	—		Jun 11, 2026	Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, any party that obtains it through any…
CVE-2026-50244	Naxclow Naxclow	med	0.34	5.3	—		Jun 11, 2026	The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied account identifier, without validating any ownership relationship. Each call mints a new sequential device identifier and returns the…

CVE-2026-50101higJun 11, 2026
Naxclow
Naxclow
risk 0.53cvss 8.1epss —
Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, any party that obtains it through any…
CVE-2026-50244medJun 11, 2026
Naxclow
Naxclow
risk 0.34cvss 5.3epss —
The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied account identifier, without validating any ownership relationship. Each call mints a new sequential device identifier and returns the…