CVE-2026-25951 – FUXA has a Path Traversal Sanitization Bypass

CVE ID : CVE-2026-25951

Published : Feb. 9, 2026, 11:16 p.m. | 1 hour, 5 minutes ago

Description : FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences (e.g., ….//), an attacker can write arbitrary files to the server filesystem, including sensitive directories like runtime/scripts. This leads to Remote Code Execution (RCE) when the server reloads the malicious scripts. This vulnerability is fixed in 1.2.11.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2026-25951 – FUXA has a Path Traversal Sanitization Bypass

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

CVE-2026-25931 – vscode-spell-checker has a workspace-trust bypass Code Execution

سرور های جدید از روسیه-وارز

تخفیف ویژه دامنه .ASIA

ثبت دامنه .IO

انتقال رایگان پسوند دامنه PW

Kerio Control 9.2.4 Build 2223

نوشته های مشابه

CVE-2026-2258 – aardappel lobster wfc.h WaveFunctionCollapse memory corruption

CVE-2025-15147 – WCFM Membership – WooCommerce Memberships for Multivendor Marketplace

CVE-2026-0845 – WCFM – WooCommerce Frontend Manager

CVE-2026-25958 – Cube privilege escalation via a specially crafted request