5 matches found
Exploit for Missing Authentication for Critical Function in Frangoteam Fuxa
CVE-2026-25895 — FUXA for code execution within 60 seconds...
Use of Hard-coded Cryptographic Key
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the authentication process when a static fallback JWT signing secret is used if no custom secret is configured. An...
Directory Traversal
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Directory Traversal due to the improper sanitization of nested traversal sequences e.g., ....// in multiple API endpoints. An attacker can gain full syst...
Exploit for Command Injection in Frangoteam Fuxa
exploitCVE-2023-33831 CVE-2023-33831 Installation ba...
Exploit for Command Injection in Frangoteam Fuxa
Unauthenticated RCE FUXA CVE-2023-33831 The vulnerability affe...