CNNVD-202602-341 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-341
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
FUXA是frangoteam开源的一个基于web的过程可视化软件。 FUXA 1.2.7版本存在安全漏洞,该漏洞源于server/settings.default.js中的不安全默认配置导致身份验证被禁用,可能导致未经身份验证的远程攻击者访问敏感API端点、修改项目和控制工业设备。
Description (English)
FUXA is a web-based process visualization software that is an open source for francoteam. The security loophole in version 1.2.7 of FUXA stems from the unsafe default configuration in server/settings.default.js, which has resulted in the disablement of identification, which may result in unidentified remote assailants accessing sensitive API endpoints, modifying projects and controlling industrial equipment.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
frangoteam
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/frangoteam/FUXA/blob/master/server/settings.default.js
Patch
https://github.com/frangoteam/FUXA/releases
Share on: