CVE-2021-46417

HIGH · EXPLOITED · NUCLEI

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Path Traversal


Exploitation Summary

CVE-2021-46417 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Momen Eldawakhly and Henry4E36. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. It allows an attacker to read arbitrary files on the system by manipulating the `file_name` parameter in the `tsaupload.cgi` endpoint.

Description

Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.

Exploits (2)

exploitdb WORKING POC
by Momen Eldawakhly · text · remote · linux
https://www.exploit-db.com/exploits/50861

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. It allows an attacker to read arbitrary files on the system by manipulating the `file_name` parameter in the `tsaupload.cgi` endpoint.

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580
No auth needed
Prerequisites: Network access to the target system · The target system must be running the vulnerable version of the software
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by Henry4E36 · remote
https://github.com/Henry4E36/CVE-2021-46417

This PoC exploits a Local File Inclusion (LFI) vulnerability in Franklin Fueling Systems Colibri Controller Module by sending a crafted HTTP request to read arbitrary files (e.g., /etc/passwd). The script supports single URL or bulk URL testing via a file.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Franklin Fueling Systems Colibri Controller Module
No auth needed
Prerequisites: Network access to the target system · Vulnerable endpoint exposed
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion
HIGH · VERIFIED · by For3stCo1d
Shodan: http.html:"Franklin Fueling Systems" || http.html:"franklin fueling systems"
FOFA: body="franklin fueling systems"

Scores

CVSS v3 7.5
EPSS 0.5915
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2023-11-17
CWE: CWE-22
Status published
Products (1)
franklinfueling/colibri_firmware 1.8.19.8580
Published Apr 07, 2022
Tracked Since Feb 18, 2026