Franklinfueling

franklinfueling

10 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Ts 550 Evo Firmware

ts-550_evo_firmware

Colibri Firmware

colibri_firmware

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-5885 1Franklinfueling 1Colibri Firmware Nov 21, 2024 Nov 27, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The discontinued FFS Colibri product allows a remote user to access files on the system including files containing login credentials for other users.
CVE-2023-5846 1Franklinfueling 1Ts 550 Evo Firmware Nov 21, 2024 Nov 2, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
CVE-2022-44039 1Franklinfueling 1Colibri Firmware Apr 24, 2025 Dec 5, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs b...Show more Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of "fopen" system function with the mode "wb" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.Show less
CVE-2021-46421 1Franklinfueling 1Ts 550 Evo Firmware Nov 21, 2024 Apr 27, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
CVE-2021-46420 1Franklinfueling 1Ts 550 Evo Firmware Nov 21, 2024 Apr 27, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information.
CVE-2021-46417 1Franklinfueling 1Colibri Firmware Nov 21, 2024 Apr 7, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.
CVE-2017-6565 1Franklinfueling 1Ts 550 Evo Firmware May 13, 2026 May 1, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization c...Show more On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be obtained by exploiting CVE-2013-7247, has the ability to upload files to the server hosting the web service. As no sanitization checks are in place, an attacker can upload a malicious payload.Show less
CVE-2017-6564 1Franklinfueling 1Ts 550 Evo Firmware May 13, 2026 May 1, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an...Show more On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks.Show less
CVE-2013-7248 1Franklinfueling 2Ts 550 Evo Ts 550 Evo Firmware Apr 29, 2026 Jan 26, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using...Show more Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.Show less
CVE-2013-7247 1Franklinfueling 2Ts 550 Evo Ts 550 Evo Firmware Apr 29, 2026 Jan 26, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebG...Show more cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.Show less