PT-2026-21744 · Fuxa · Fuxa

Published: 2026-02-24 · Updated: 2026-04-27 · CVE-2025-69985

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: FUXA versions 1.2.8 and prior

Description: FUXA versions 1.2.8 and prior contain an Authentication Bypass issue that can lead to Remote Code Execution (RCE). The issue resides in the server/api/jwt-helper.js middleware, which incorrectly relies on the HTTP "Referer" header for validating internal requests. An unauthenticated remote attacker can bypass JWT authentication by manipulating the Referer header to match the server's host. Successful exploitation grants access to the protected /api/runscript endpoint, enabling the attacker to execute arbitrary Node.js code on the server.

Recommendations: Versions prior to 1.2.8 should be updated.

Exploit · Fix · RCE

Weakness Enumeration: Authentication Bypass Using an Alternate Path or Channel

Related Identifiers: CVE-2025-69985, GHSA-4R4R-4JP4-WWF9

Affected Products: Fuxa