FUXA v1.2.7 allows Remote Code Execution (RCE) via the project import functionality. The application does not properly sanitize or sandbox user-supplied scripts within imported project files. An attacker can upload a malicious project containing system commands, leading to full system compromise.
CVSS
No CVSS.
References
Configurations
No configuration.
History
03 Feb 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-02-03 18:16
Updated : 2026-02-03 18:16
NVD link : CVE-2025-69983
Mitre link : CVE-2025-69983
CVE.ORG link : CVE-2025-69983
JSON object : View
Products Affected
No product.
CWE
No CWE.