Browse all 5 CVE security advisories affecting fobybus. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fobybus operates as a network management platform primarily serving enterprise environments for device monitoring and configuration. Historically, the software has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with five CVEs documented to date. Security researchers have identified authentication bypass weaknesses and insecure default configurations as recurring concerns. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks in environments where timely patching isn't prioritized. The platform's broad system access makes proper hardening and regular updates critical for maintaining secure operations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-40172 | Cross-Site Request Forgery (CSRF) in fobybus/social-media-skeleton — social-media-skeletonCWE-352 | 6.5 | Medium | 2023-08-18 |
| CVE-2023-40173 | Unsalted passwords in fobybus/social-media-skeleton — social-media-skeletonCWE-522 | 7.5 | High | 2023-08-18 |
| CVE-2023-40174 | Insufficient Session Expiration in fobybus/social-media-skeleton — social-media-skeletonCWE-613 | 6.8 | Medium | 2023-08-18 |
| CVE-2023-39518 | social-media-skeleton stored Cross-site Scripting vulnerability — social-media-skeletonCWE-79 | 5.4 | Medium | 2023-08-08 |
| CVE-2023-39344 | social-media-skeleton vulnerable to Pre-Auth SQLi leading to RCE — social-media-skeletonCWE-89 | 10.0 | Critical | 2023-08-04 |
This page lists every published CVE security advisory associated with fobybus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.