Hardcoded Password Vulnerability in Franklin Fueling Systems TS-550 Evo Firmware

Hardcoded Password Vulnerability in Franklin Fueling Systems TS-550 Evo Firmware

CVE-2013-7248 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, as demonstrated using a cmdWebCheckRole action in a TSA_REQUEST.

Learn more about our Web App Pen Testing.