4 matches found
FUXA Unauthenticated Remote Code Execution in Node-RED Integration
Summary Description An authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This affects FUXA version 1.2.8 through version 1.2.10. This has been patched in FUXA version 1.2.11. Impact...
CVE-2026-25939
Summary : FUXA is a web-based SCADA/HMI/dashboard. From v1.2.8 to v1.2.10, an authorization bypass allows an unauthenticated, remote attacker to create/modify arbitrary schedulers via the REST endpoint (notably POST/DELETE /api/scheduler), exposing connected ICS/SCADA environments to follow-on ac...
CVE-2026-25938 FUXA Unauthenticated Remote Code Execution in Node-RED Integration
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This has been patched in FUXA...
CVE-2026-25938
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the Node-RED plugin is enabled. This has been patched in FUXA...