← Back

Ts 550 Evo Firmware

ts-550_evo_firmware

Vendor: Franklinfueling • 7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-5846
1Franklinfueling
1Ts 550 Evo Firmware
Nov 21, 2024
Nov 2, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
CVE-2021-46421
1Franklinfueling
1Ts 550 Evo Firmware
Nov 21, 2024
Apr 27, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
CVE-2021-46420
1Franklinfueling
1Ts 550 Evo Firmware
Nov 21, 2024
Apr 27, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
CVE-2017-6565
1Franklinfueling
1Ts 550 Evo Firmware
May 13, 2026
May 1, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization c...Show more
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.Show less
CVE-2017-6564
1Franklinfueling
1Ts 550 Evo Firmware
May 13, 2026
May 1, 2017
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an...Show more
On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks.Show less
CVE-2013-7248
1Franklinfueling
2Ts 550 Evo
Ts 550 Evo Firmware
Apr 29, 2026
Jan 26, 2014
N/A· v4
N/A· v3
10.0 HIGH· v2
Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using...Show more
Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.Show less
CVE-2013-7247
1Franklinfueling
2Ts 550 Evo
Ts 550 Evo Firmware
Apr 29, 2026
Jan 26, 2014
N/A· v4
N/A· v3
5.0 MEDIUM· v2
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebG...Show more
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.Show less