Количество 2
Количество 2
CVE-2025-69970
FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticated remote attackers to access sensitive API endpoints, modify projects, and control industrial equipment immediately after installation.
GHSA-r5m2-fqcf-qrf7
FUXA contains an insecure default configuration vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-69970 FUXA v1.2.7 contains an insecure default configuration vulnerability in server/settings.default.js. The 'secureEnabled' flag is commented out by default, causing the application to initialize with authentication disabled. This allows unauthenticated remote attackers to access sensitive API endpoints, modify projects, and control industrial equipment immediately after installation. | CVSS3: 9.3 | 0% Низкий | 5 дней назад |
| GHSA-r5m2-fqcf-qrf7 FUXA contains an insecure default configuration vulnerability | 0% Низкий | 5 дней назад |
Уязвимостей на страницу