Nexx Smart Garage Controller

Grade: F (Fail)
Nexx · 🇺🇸 United States · WiFi + Bluetooth
Technical details
App: Nexx Home
Manufacturer: Nexx

⚠️ The bottom line

A researcher could open any Nexx garage door in America from his laptop. The password was hardcoded — the same for every device. He tried to tell Nexx. They ghosted him. He told CISA. Nexx ghosted them too. He went public. Nexx still said nothing. Every Nexx garage door in the world can be opened remotely, and the company that sold it has gone silent.

Every Nexx garage opener in the world uses the same password. The same password is in the firmware. The same password works on the cloud server. With it, you can see every Nexx garage — open or closed — in real time. You can open any of them. One password for everything, hardcoded, unchangeable. This is not a vulnerability. This is an absence of security.

Legal jurisdiction
🇺🇸 United States (headquarters)
- CLOUD Act: US government can demand your data from this company even if it is stored overseas
- FISA §702 / PRISM: NSA collects stored emails, photos, and messages without individual warrants
- Geofence warrants: police can demand location data for everyone near a crime scene
Scores by concern
Spying: 0/4 N/A (Is someone spying on me?)
Data Sharing: 0/4 N/A (Who gets my data?)
Security: 3/4 HIGH (Is it actually secure?)
Honesty: 0/4 N/A (Can I trust what they say?)
Verdict: CONFIGURE (high-risk areas that can be partially mitigated with settings changes)
2 contradictions · 2 critical · 0 high · 0 medium · 2 sources
Findings by concern
Security: 3/4 HIGH (2 findings)

⚠️ Critical: marketing claims vs. third-party research

What they claim: Nexx promotes smart garage control with secure remote access

What we found: Security researcher Sam Sabetan discovered hardcoded credentials in Nexx smart garage controllers that allowed anyone to open, close, or monitor any Nexx garage door in the world. The vulnerability (CVE-2023-1748, CVSS 9.3) also exposed email addresses, device IDs, and first names of all Nexx users. CISA issued an advisory. Nexx never responded to the researcher, CISA, or media.

⚠️ Critical: privacy policy vs. third-party research

What they claim: Nexx describes device security with encrypted communications

What we found: The hardcoded credentials were found in the device firmware and the Nexx cloud API. Every Nexx device used the same universal password to authenticate to the cloud service. The researcher also found the MQTT server (used for device communication) accepted connections with the hardcoded credentials, exposing real-time status of every Nexx device — garage open or closed, alarms armed or disarmed.
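The two findings above come down to one shared password that both authenticates every device to the cloud and unlocks every device's MQTT status. The following is an added illustration, not Nexx's firmware or cloud code and not any real broker's implementation: it models that shared-credential design beside a per-device credential bound to topic-scoped authorisation, using constructed device ids (door-A, door-B), a placeholder password, and an assumed garage/<device id>/... topic layout.

```python
import hashlib
import hmac
import secrets
# Weak design (constructed model of the finding): one password baked into every
# firmware image. The broker can check it but cannot tell which device or person
# is connecting, so there is no identity to scope access on.
SHARED_PASSWORD = "constructed-placeholder-password"  # not a real value

def authenticate_shared(password):
    """Any holder of the universal password passes; no identity is established."""
    return hmac.compare_digest(password, SHARED_PASSWORD)

# Corrected design: a unique random secret per device, issued at provisioning and
# stored only as a hash, so a valid credential proves which device presented it.
def provision_device(store, device_id):
    secret = secrets.token_hex(16)
    store[device_id] = hashlib.sha256(secret.encode()).hexdigest()
    return secret  # delivered once, to that device only

def authenticate_device(store, device_id, secret):
    digest = store.get(device_id)
    if digest is None:
        return False
    return hmac.compare_digest(digest, hashlib.sha256(secret.encode()).hexdigest())

def filter_within_device(topic_filter, device_id):
    """True only if every topic the MQTT subscription filter could match belongs to
    device_id; a '+' or '#' wildcard in the owner level would span other garages."""
    levels = topic_filter.split("/")
    return len(levels) >= 3 and levels[0] == "garage" and levels[1] == device_id

def authorize_subscribe(verified_id, topic_filter):
    """Shared password: no verified identity, nothing can be restricted. Per-device: confined to garage/<id>/..."""
    if verified_id is None:
        return True
    return filter_within_device(topic_filter, verified_id)

def demo():
    # Constructed devices door-A and door-B; returns which subscriptions succeed.
    store, results = {}, {}
    secret_a = provision_device(store, "door-A")
    provision_device(store, "door-B")
    results["shared_sees_every_door"] = (authenticate_shared(SHARED_PASSWORD)
                                         and authorize_subscribe(None, "garage/+/status"))
    a_ok = authenticate_device(store, "door-A", secret_a)
    results["own_topic"] = a_ok and authorize_subscribe("door-A", "garage/door-A/command")
    results["all_doors"] = a_ok and authorize_subscribe("door-A", "garage/+/status")
    results["other_door"] = a_ok and authorize_subscribe("door-A", "garage/door-B/status")
    results["secret_a_as_door_b"] = authenticate_device(store, "door-B", secret_a)
    return results
```

In the shared model the wildcard subscription to every door's status is allowed because the broker has no identity to check it against; in the per-device model the same credential only reaches its own door, and a secret lifted from one device cannot be presented as another.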

Sources