Описание
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:franklinfueling:ts-550_evo_firmware:2.0.0.6833:*:*:*:*:*:*:*
cpe:2.3:o:franklinfueling:ts-550_evo_firmware:2.3.1.7492:*:*:*:*:*:*:*
cpe:2.3:h:franklinfueling:ts-550_evo:-:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17247
Средний
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.
EPSS
Процентиль: 95%
0.17247
Средний
5 Medium
CVSS2
Дефекты
CWE-264