Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Franklinfueling Security Vulnerabilities

cve
cve

CVE-2013-7247

cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.

8.3AI Score

0.008EPSS

2014-01-26 01:55 AM
42
cve
cve

CVE-2013-7248

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.

7.1AI Score

0.01EPSS

2014-01-26 01:55 AM
39
cve
cve

CVE-2017-6564

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as data...

6.5CVSS

6.3AI Score

0.001EPSS

2017-05-01 07:59 PM
34
cve
cve

CVE-2017-6565

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.

8.8CVSS

8.4AI Score

0.008EPSS

2017-05-01 07:59 PM
33
cve
cve

CVE-2021-46417

Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.

7.5CVSS

7.3AI Score

0.574EPSS

2022-04-07 11:15 AM
60
2
cve
cve

CVE-2021-46420

Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.

7.5CVSS

7.5AI Score

0.003EPSS

2022-04-27 11:15 AM
46
cve
cve

CVE-2021-46421

Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.

7.5CVSS

7.5AI Score

0.003EPSS

2022-04-27 11:15 AM
51
4
cve
cve

CVE-2022-44039

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ΒΆΒΆ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of "fopen" system function with the mode "wb" which a...

9.8CVSS

9.5AI Score

0.003EPSS

2022-12-05 09:15 PM
31
cve
cve

CVE-2023-5846

Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.

9.8CVSS

9.3AI Score

0.001EPSS

2023-11-02 05:15 PM
45
cve
cve

CVE-2023-5885

The discontinued FFS Colibri product allows a remote user to access files on the system including files containing login credentials for other users.

6.5CVSS

6.5AI Score

0.001EPSS

2023-11-27 10:15 PM
18