CVE-2025-69983
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
FUXA v1.2.7 allows Remote Code Execution (RCE) via the project import functionality. The application does not properly sanitize or sandbox user-supplied scripts within imported project files. An attacker can upload a malicious project containing system commands, leading to full system compromise.
Affected (1)
Products: Frangoteam: Fuxa
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.7 |
References (1)
Source: cve@mitre.org
Product
Timeline
No history available yet.