Vendor

Frangoteam

1 brief RSS

FUXA 1.2.8 Authentication Bypass and Remote Command Execution Vulnerability

FUXA 1.2.8 and earlier is vulnerable to an authentication bypass vulnerability (CVE-2025-69985) that allows remote command execution by exploiting the /api/runscript endpoint with a crafted JavaScript payload.

FUXA authentication-bypass remote-code-execution web-application scada

2r 2t 1c Jan 3, 2024