CVE-2013-7248

Published: Jan 26, 2014Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.

Affected (3)

Products: Franklinfueling: Ts 550 Evo Firmware, Ts 550 Evo

Franklinfueling

2 products

Ts 550 Evo Firmware

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Franklinfueling Ts 550 Evo Firmware	Version 2.0.0.6833
Franklinfueling Ts 550 Evo Firmware	Version 2.3.1.7492
Franklinfueling Ts 550 Evo	All versions

Related CWEs

References (2)

https://www.trustwave.com/spiderlabs/advisories/TWSL2014-001.txt

Source: cve@mitre.org

Exploit

https://www.trustwave.com/spiderlabs/advisories/TWSL2014-001.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.