16 matches found

OSV
added 2026/05/26 11:44 p.m., 4 views

GHSA-RG3M-CFQ7-G6H6 FUXA Vulnerable to Unauthenticated Remote Code Execution via Script Test Mode Authorization Bypass

Summary An unauthenticated Remote Code Execution vulnerability exists in FUXA when secureEnabled is set to true. The POST /api/runscript endpoint checks authorization against the stored script's permission by ID, but when test: true is set in the request, it compiles and executes attacker-supplie...

CVSS 9.3, AI score 6.3, EPSS 0.00751
Exploits: 0, References: 5

Packet Storm
added 2026/02/27 12:0 a.m., 211 views

FUXA 1.2.8 Authentication Bypass / Remote Code Execution

This Metasploit module adds support for exploiting CVE-2025-69985 in FUXA SCADA/HMI software versions 1.2.8 and below. The vulnerability allows unauthenticated access to the /api/runscript endpoint due to an authentication bypass, leading to remote code execution via Node.js childprocess.execSync...

CVSS 9.8, AI score 6.6, EPSS 0.05633
Exploits: 7

GithubExploit
added 2026/02/25 10:12 a.m., 168 views

Exploit for CVE-2025-69985

FUXA ≤ 1.2.8 Auth Bypass + RCE CVE-2025-69985...

AI score 6, EPSS 0.05633
Exploits: 7

RedhatCVE
added 2026/02/25 4:7 a.m., 5 views

CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

CVSS 9.8, AI score 6.3, EPSS 0.05633
Exploits: 7, References: 1

Github Security Blog
added 2026/02/24 6:31 p.m., 7 views

FUXA has JWT Authentication Bypass via HTTP Referer header spoofing

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

CVSS 9.8, AI score 6.3, EPSS 0.05633
Exploits: 7, References: 4, Affected Software: 1

OSV
added 2026/02/24 6:31 p.m., 8 views

GHSA-4R4R-4JP4-WWF9 FUXA has JWT Authentication Bypass via HTTP Referer header spoofing

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

CVSS 9.8, AI score 6.5, EPSS 0.05633
Exploits: 7, References: 4

NVD
added 2026/02/24 4:24 p.m., 7 views

CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

CVSS 9.8, EPSS 0.05633
Exploits: 7, References: 2

OSV
added 2026/02/24 4:24 p.m., 1 views

CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

CVSS 9.8, AI score 6.4
Exploits: 0, References: 2

Cvelist
added 2026/02/24 12:0 a.m., 18 views

CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

EPSS 0.05633
Exploits: 7, References: 2

CVE
added 2026/02/24 12:0 a.m., 22 views

CVE-2025-69985

CVE-2025-69985 affects FUXA 1.2.8 and earlier. The issue is an authentication bypass in server/api/jwt-helper.js that improperly trusts the HTTP Referer header, allowing unauthenticated remote access to the protected /api/runscript endpoint and arbitrary Node.js code execution. Public references ...

CVSS 9.8, AI score 6.3, EPSS 0.05633
In wild, Exploits: 7, References: 2, Affected Software: 1

Positive Technologies
added 2026/02/24 12:0 a.m., 7 views

PT-2026-21744

Name of the Vulnerable Software and Affected Versions FUXA versions 1.2.8 and prior Description FUXA versions 1.2.8 and prior contain an Authentication Bypass issue that can lead to Remote Code Execution RCE. The issue resides in the server/api/jwt-helper.js middleware, which incorrectly relies o...

CVSS 9.8, AI score 6.4, EPSS 0.05633
Exploits: 7, References: 12

VulnCheck KEV
added 2023/11/16 12:0 a.m., 5 views

VulnCheck KEV: CVE-2023-33831

A remote command execution RCE vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request...

CVSS 9.8, AI score 7.7, EPSS 0.13746
Exploits: 3, References: 1

ATTACKERKB
added 2023/09/18 8:15 p.m., 2 views

CVE-2023-33831

A remote command execution RCE vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request...

CVSS 9.8, AI score 8, EPSS 0.13746
Exploits: 3, References: 4

CNNVD
added 2023/09/18 12:0 a.m., 1 views

FUXA Command Injection Vulnerability

FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA version 1.1.13, which stems from a Remote Command Execution RCE vulnerability in the /api/runscript endpoint. An attacker can exploit the vulnerability to execute arbitrary...

CVSS 9.8, AI score 7.7, EPSS 0.13746
Exploits: 3, References: 4

Vulnrichment
added 2023/09/18 12:0 a.m., 15 views

CVE-2023-33831

A remote command execution RCE vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request...

AI score 7.8, EPSS 0.13746
Exploits: 3, References: 2

Positive Technologies
added 2023/06/10 12:0 a.m., 4 views

PT-2023-4830

Name of the Vulnerable Software and Affected Versions FUXA version 1.1.13 Description A remote command execution vulnerability in the "/api/runscript" endpoint allows attackers to execute arbitrary commands via a crafted POST request. This issue is related to the lack of input data sanitization,...

CVSS 9.8, AI score 8.4, EPSS 0.13746
Exploits: 3, References: 19