CVE-2021-46417 Scanner
Detects the 'Path Traversal' vulnerability in Franklin Fueling Systems Colibri Controller Module, which affects v. 1.8.19.8580.
Short Info
- Level: High
- Single Scan
- Can be used by: Asset Owner
- Estimated Time: 10 seconds
- Time Interval: 1 month
- Scan only one: Url
- Toolbox: -
Franklin Fueling Systems Colibri Controller Module is a software program developed for the management of fueling stations and fuel systems. This intelligent device is designed to operate standalone fuel dispensers, tank gauging systems, and other equipment used in fuel station management. The Colibri Controller Module software facilitates communication between fueling devices and systems, ensuring the seamless operation of various fueling operations. With its intuitive interface and advanced functionalities, the Franklin Fueling Systems Colibri Controller Module provides a comprehensive solution for fuel station management, making operations more efficient and effective.
One of the critical vulnerabilities affecting Franklin Fueling Systems Colibri Controller Module is CVE-2021-46417. It arises from insecure handling of a download function, which permits path traversal with root privileges: the software lets attackers traverse the file system and access files beyond the specified download location. This allows an attacker to gain access to sensitive data, files, and configurations, which could leave the entire fueling system and business exposed.
When exploited, this vulnerability can lead to a severe breach, which could result in loss of sensitive data, disruption of operations, and financial losses. Notably, attackers can leverage the vulnerability to gain elevated privileges and execute arbitrary code, leading to a complete takeover of the system. The attacker can use this access to gain control of the fuel management systems and manipulate fueling systems, potentially causing significant damage to the equipment and infrastructure. The consequences of such an attack can be catastrophic, resulting in significant environmental damage, jeopardizing public safety, and incurring losses of millions of dollars.
With the pro features of s4e.io, users can quickly learn about vulnerabilities in their digital assets. The platform offers extensive insights into various vulnerabilities affecting digital assets and provides actionable recommendations to mitigate risks. s4e.io users can access real-time and highly informative content on a variety of vulnerabilities as they emerge, which helps safeguard the integrity of digital assets. The platform's pro features provide on-demand cybersecurity consultations, threat assessments, and remediation services to help organizations improve their cybersecurity posture. By leveraging these features, individuals and organizations can monitor and mitigate digital asset risks, ensuring they are protected against potential threats.
REFERENCES
- http://packetstormsecurity.com/files/166610/FFS-Colibri-Controller-Module-1.8.19.8580-Directory-Traversal.html
- http://packetstormsecurity.com/files/166671/Franklin-Fueling-Systems-Colibri-Controller-Module-1.8.19.8580-Local-File-Inclusion.html
- https://drive.google.com/drive/folders/1Yu4aVDdrgvs-F9jP3R8Cw7qo_TC7VB-R