HIGH🇬🇧 English

CVE-2017-6565

CVSS 8.8v3.0pub. 2017-05-01upd. 2026-05-13

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Franklinfueling Ts 550 Evo

    HW
    Franklinfueling
    wszystkie wersje
  • Franklinfueling Ts 550 Evo Firmware

    OS
    Franklinfueling
    2.3.0.7332
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-5846HIGH8.3ten sam produkt

Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin crede...

CVE-2021-46420HIGH7.5ten sam produkt

Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vuln...

CVE-2021-46421HIGH7.5ten sam produkt

Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulner...

CVE-2013-7248HIGH10.0ten sam produkt

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded p...

CVE-2017-6564MEDIUM6.5ten sam produkt

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privilege...