Primary

Context

FUXA Information Disclosure Vulnerability Allowing Access to InfluxDB Credentials

Vulnerability

Patched

A critical information disclosure vulnerability exists in FUXA, a web-based process visualization software, through version 1.2.9. This vulnerability allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials, including those for InfluxDB. Exploitation of this vulnerability enables access to the full system configuration and could lead to unauthorized reading, modification, or deletion of historical process data. Additionally, the InfluxDB database could be corrupted, causing a denial-of-service condition.

Impact

Exploitation of this vulnerability allows for unauthorized access to InfluxDB administrative credentials, enabling an attacker to authenticate to the database, manipulate or delete process data, or disrupt database operations, causing a denial-of-service condition.

Remediation

Users are advised to update to FUXA version 1.2.10, where this vulnerability has been patched.

Added: Feb 6, 2026, 7:33 PM

Updated: Feb 6, 2026, 11:56 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

5.0

exploitability

6.6

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

5.0

exploitability

6.6

remediation

7.7

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FUXA Information Disclosure Vulnerability Allowing Access to InfluxDB Credentials

Vulnerability

Impact

Remediation

Affected Products

frangoteam FUXA

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating