Primary

Context

FUXA Path Traversal Vulnerability Allowing Unauthenticated Arbitrary File Write

Vulnerability

Patched

A path traversal vulnerability has been identified in FUXA, a web-based process visualization software. This vulnerability allows unauthenticated, remote attackers to write arbitrary files to any location on the server's filesystem. It affects FUXA versions through 1.2.9 and has been patched in version 1.2.10.

Impact

Exploitation of this vulnerability allows overwriting of application and system files. If an attacker overwrites application code, startup scripts, or configuration files that are subsequently executed or loaded, it could lead to remote code execution. Depending on the deployment configuration and permissions, this may result in a full system compromise, potentially exposing connected ICS/SCADA environments to further actions.

Remediation

Users are strongly encouraged to update to FUXA version 1.2.10, where this vulnerability has been patched.

Added: Feb 10, 2026, 1:48 AM

Updated: Feb 10, 2026, 1:48 AM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

0.8

exploitability

7.3

remediation

7.7

relevance

2.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

0.8

exploitability

7.3

remediation

7.7

relevance

2.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FUXA Path Traversal Vulnerability Allowing Unauthenticated Arbitrary File Write

Vulnerability

Impact

Remediation

Affected Products

frangoteam FUXA

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating