QwikSec

Security Database

CVE

CWE

Training

CVE-2026-25895

Published: Feb 9, 2026

Modified: Feb 11, 2026

PUBLISHED

Description

FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched in FUXA version 1.2.10.

Vendor	Product	Versions
frangoteam	FUXA	affected `< 1.2.10`

Weaknesses (CWE)

References

https://github.com/frangoteam/FUXA/security/advisories/GHSA-88qh-cphv-996c

x_refsource_CONFIRM

https://github.com/frangoteam/FUXA/commit/22c2192f5d9beef8a787c45eff3a14c24dbb5f96

x_refsource_MISC

https://github.com/frangoteam/FUXA/releases/tag/v1.2.10

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.