Vulnerabilities > Franklinfueling

DATE CVE VULNERABILITY TITLE RISK
2023-11-27 CVE-2023-5885 Path Traversal vulnerability in Franklinfueling Colibri Firmware
The discontinued FFS Colibri product allows a remote user to access files on the system including files containing login credentials for other users.
network
low complexity
franklinfueling CWE-22
6.5
2023-11-02 CVE-2023-5846 Use of Password Hash With Insufficient Computational Effort vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
network
low complexity
franklinfueling CWE-916
critical
9.8
2022-12-05 CVE-2022-44039 Incorrect Authorization vulnerability in Franklinfueling Colibri Firmware 1.9.22.8925
Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite.
network
low complexity
franklinfueling CWE-863
critical
9.8
2022-04-27 CVE-2021-46420 Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 2.23.4.8936
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
network
low complexity
franklinfueling CWE-22
7.5
2022-04-27 CVE-2021-46421 Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299
Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
network
low complexity
franklinfueling CWE-22
7.5
2022-04-07 CVE-2021-46417 Path Traversal vulnerability in Franklinfueling Colibri Firmware 1.8.19.8580
Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.
network
low complexity
franklinfueling CWE-22
7.5
2017-05-01 CVE-2017-6565 Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service.
network
low complexity
franklinfueling CWE-862
8.8
2017-05-01 CVE-2017-6564 Missing Authorization vulnerability in Franklinfueling Ts-550 EVO Firmware 2.3.0.7332
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory.
network
low complexity
franklinfueling CWE-862
6.5