Skip to main content

FUXA CVE-2026-13207

| EUVDEUVD-2026-40409 HIGH
Authentication Bypass by Spoofing (CWE-290)
2026-06-30 icscert GHSA-cgxf-x59w-2x25
8.7
CVSS 4.0 · Vendor: icscert
Share

Severity by source

Vendor (icscert) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.5 HIGH

Network-reachable, low-complexity request with no auth or interaction yields high confidentiality disclosure only; no integrity or availability impact and unchanged scope.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (icscert).

CVSS VectorVendor: icscert

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 30, 2026 - 21:17 vuln.today

DescriptionCVE.org

FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access protected endpoints by prefixing paths with dot-segments such as /api/./users, /api/./roles, and /api/project/../users. These requests bypass authentication checks and return sensitive user and role data without credentials.

AnalysisAI

Authentication bypass in FUXA SCADA/HMI versions 1.3.1 and prior lets remote unauthenticated attackers reach protected REST API endpoints by inserting dot-segment sequences (e.g. /api/./users, /api/project/../users) that the router fails to normalize before applying its authentication middleware. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach FUXA REST API over network
Delivery
Craft /api/./users dot-segment request
Exploit
Bypass authentication middleware
Execution
Receive user and role data
Impact
Harvest accounts for follow-on access

Vulnerability AssessmentAI

Exploitation Exploitation requires only network reachability to the FUXA REST API; the specific trigger is supplying a request path containing unnormalized dot-segments (e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are consistent and point to a genuine priority for exposed instances. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach the FUXA web API over the network sends a crafted GET request such as /api/./users or /api/project/../users; the dot-segment evades the authentication middleware while the handler still serves the data, returning user accounts and role assignments with no login. The harvested credential and role metadata can then be used to plan deeper compromise of the SCADA/HMI environment. …
Remediation Upgrade to a fixed FUXA release once published; consult the GitHub releases page (https://github.com/frangoteam/FUXA/releases) and the CISA advisory (https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-02) for the exact patched version, as no fixed version number was provided in this input. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Conduct immediate inventory of all FUXA deployments and versions; restrict REST API network access to authorized personnel only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-13207 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy