2 matches found
CVE-2026-13207 Frangoteam FUXA SCADA/HMI Authentication Bypass by Spoofing
FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by...
CVE-2026-47717
creationtimestamp| type| source ---|---|--- 2026-05-26 16:06:13+00:00| published-proof-of-concept| https://github.com/frangoteam/FUXA/security/advisories/GHSA-q3w6-q3hc-c5x6 2026-06-18 02:57:08+00:00| confirmed|...