8 matches found
CVE-2026-13207
FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...
FUXA - Unauthenticated Remote Code Execution
A remote command execution RCE vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. id: CVE-2023-33831 info: name: FUXA - Unauthenticated Remote Code Execution author: gy741 severity: critical description: | A remot...
FUXA <= 1.2.7 - Hardcoded JWT Secret Authentication Bypass
FUXA v1.2.7 contains a hardcoded credentials vulnerability caused by use of a hard-coded secret key in server/api/jwt-helper.js, letting remote attackers forge admin tokens and bypass authentication, exploit requires no special conditions. id: CVE-2025-69971 info: name: FUXA = 1.2.7 - Hardcoded J...
Exploit for Missing Authentication for Critical Function in Frangoteam Fuxa
CVE-2026-25895 — FUXA for code execution within 60 seconds...
Use of Hard-coded Cryptographic Key
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the authentication process when a static fallback JWT signing secret is used if no custom secret is configured. An...
Directory Traversal
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Directory Traversal due to the improper sanitization of nested traversal sequences e.g., ....// in multiple API endpoints. An attacker can gain full syst...
Exploit for Command Injection in Frangoteam Fuxa
exploitCVE-2023-33831 CVE-2023-33831 Installation ba...
Exploit for Command Injection in Frangoteam Fuxa
Unauthenticated RCE FUXA CVE-2023-33831 The vulnerability affe...