33 matches found
CVE-2024-8497
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials...
Franklin Fueling TS-550 EVO Automatic Tank Gauge 安全漏洞
Franklin Fueling TS-550 EVO Automatic Tank Gauge is an automated industrial tank gauge from Franklin Fueling USA. A security vulnerability previously existed in the Franklin Fueling TS-550 EVO Automatic Tank Gauge version 2.26.4.8967, which stemmed from administrator credentials being stored in a...
CVE-2024-8497 Franklin Fueling Systems TS-550 EVO Absolute Path Traversal
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials...
CVE-2024-8497
CVE-2024-8497 affects Franklin Fueling Systems TS-550 EVO prior to version 2.26.4.8967. The flaw is an absolute path traversal that allows reading a file containing administrator credentials, enabling an attacker to obtain admin access to the device. The vulnerability is exploitable remotely with...
Franklin Fueling Systems TS-550 EVO
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Franklin Fueling Systems Equipment : TS-550 EVO Automatic Tank Gauge Vulnerability : Absolute Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability allow an...
PT-2024-39057 · Franklin Fueling Systems · Ts-550 Evo
Name of the Vulnerable Software and Affected Versions: Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 Description: The issue allows an attacker to read a file arbitrarily, potentially obtaining administrator credentials. Recommendations: For Franklin Fueling Systems TS-550 EVO...
CVE-2021-46420
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information...
Directory traversal
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information...
Franklin Fueling Systems TS-550 evo File Download Vulnerability
The Franklin Fueling Systems TS-550 evo is a fuel management system from Franklin Fueling Systems USA. The system monitors fuel storage and provides an intuitive and easy to recognize interface for alarm functions. A security vulnerability exists in the Franklin Fueling Systems TS-550 evo version...
Franklin Fueling Systems TS-550 evo File Upload Vulnerability
The Franklin Fueling Systems TS-550 evo is a fuel management system from Franklin Fueling Systems USA. The system monitors fuel storage and provides an intuitive and easy to recognize interface for alarm functions. A security vulnerability exists in the Franklin Fueling Systems TS-550 evo version...
CVE-2017-6564
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as...
Cross site request forgery (csrf)
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as...
Design/Logic Flaw
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload...
CVE-2017-6565
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload...
CVE-2017-6564
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as...
CVE-2017-6565
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload...
CVE-2017-6564
The CVE-2017-6564 vulnerability affects Franklin Fueling Systems TS-550 evo version 2.3.0.7332. The Guest user (lowest privileges) can post to the idSourceFileName parameter under the /download directory, enabling download of sensitive system files such as databases. This is an information disclo...
CVE-2017-6565
The connected sources confirm a concrete vulnerability in Franklin Fueling Systems TS-550 evo firmware 2.3.0.7332. The issue allows the roleDiag user (credentials obtainable via CVE-2013-7247) to upload files to the server hosting the web service due to lack of input sanitization, enabling a mali...
PT-2017-17161 · Franklin Fueling Systems · Franklin Fueling Systems Ts-550 Evo
Name of the Vulnerable Software and Affected Versions: Franklin Fueling Systems TS-550 evo version 2.3.0.7332 Description: The issue allows an attacker with the lowest privileges, as the Guest user, to download sensitive system files from the host machine. This is achieved by posting to the...
PT-2017-17162 · Franklin Fueling Systems · Franklin Fueling Systems Ts-550 Evo
Name of the Vulnerable Software and Affected Versions: Franklin Fueling Systems TS-550 evo version 2.3.0.7332 Description: The issue allows an attacker to upload malicious files to the server hosting the web service due to the lack of sanitization checks. This can be achieved by exploiting a...