CVE-2013-7247

Franklin Fueling Systems TS-550 evo <2.4.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-7247.

AI-analyzed exploit summary The advisory details two vulnerabilities in Franklin Fueling's TS-550 evo device: insufficient access control allowing password hash retrieval (CVE-2013-7247) and hardcoded technician credentials enabling privilege escalation (CVE-2013-7248). It includes technical details, proof-of-concept curl commands, and remediation steps.

Description

cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password hashes) via the cmdWebGetConfiguration action in a TSA_REQUEST.

Exploits (1)

exploitdb WRITEUP
webappshardware
https://www.exploit-db.com/exploits/31180

The advisory details two vulnerabilities in Franklin Fueling's TS-550 evo device: insufficient access control allowing password hash retrieval (CVE-2013-7247) and hardcoded technician credentials enabling privilege escalation (CVE-2013-7248). It includes technical details, proof-of-concept curl commands, and remediation steps.

Classification
Writeup 100%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Franklin Fueling TS-550 evo (firmware < 2.4.0)
No auth needed
Prerequisites: Network access to the device · Guest user access (for CVE-2013-7247)
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

EPSS 0.0274
EPSS Percentile 84.3%

Details

CWE
CWE-264
Status published
Products (3)
franklinfueling/ts-550_evo
franklinfueling/ts-550_evo_firmware 2.0.0.6833
franklinfueling/ts-550_evo_firmware 2.3.1.7492
Published Jan 26, 2014
Tracked Since Feb 18, 2026