fuxa-server
npm11 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting fuxa-serverpage 1 of 1
- CVE-2023-31717HIGHCVSS 7.5EG 7.52023-09-22
A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database.
- CVE-2023-31718HIGHCVSS 7.5EG 7.52023-09-22
FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download.
- CVE-2023-31719CRITICALCVSS 9.8EG 9.82023-09-22
FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.
- CVE-2026-25751HIGHCVSS 7.5EG 7.5✓ Fixed in 1.2.102026-02-06
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation al…
- CVE-2026-25752CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.2.102026-02-06
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. Exploitation allows an unauthenticated…
- CVE-2026-25893CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.2.102026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh AP…
- CVE-2026-25894CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.2.102026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This aff…
- CVE-2026-25895CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.2.102026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affe…
- CVE-2026-25938CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.2.112026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execute arbitrary code on the server when the…
- CVE-2026-25939CRITICALCVSS 9.1EG 9.1✓ Fixed in 1.2.112026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary sched…
- CVE-2026-25951HIGHCVSS 7.2EG 7.2✓ Fixed in 1.2.112026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protect…
Check whether fuxa-server is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for fuxa-server CVEs against the assets you own.
Start Free Scan →