Filtered by vendor Franklinfueling
Subscriptions
Filtered by product Ts-550 Evo Firmware
Subscriptions
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-5846 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | 8.3 High |
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device. | ||||
CVE-2021-46421 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | 7.5 High |
Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | ||||
CVE-2021-46420 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | 7.5 High |
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | ||||
CVE-2017-6565 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | N/A |
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload. | ||||
CVE-2017-6564 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | N/A |
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks. | ||||
CVE-2013-7248 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | N/A |
Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST. | ||||
CVE-2013-7247 | 1 Franklinfueling | 2 Ts-550 Evo, Ts-550 Evo Firmware | 2024-11-21 | N/A |
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST. | ||||
CVE-2024-8497 | 1 Franklinfueling | 1 Ts-550 Evo Firmware | 2024-09-26 | 7.5 High |
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials. |
Page 1 of 1.