FSA-202302
FactoryViews bundles many third-party applications which are used in background processes to provide the software's features. From time to time, vulnerabilities in these bundled applications are discovered. These are typically fixed in newer versions of FactoryViews by updating the bundled applications. FactoryViews versions up to and including 1.5.2 contain around 200 such vulnerabilities, which are listed in this advisory. Version 1.6.0 is a security rollup release which includes updates to all bundled applications and fixes these vulnerabilities. At this time, FactoryViews Lite cannot be updated beyond version 1.1. FactoryViews 1.7 unifies the non-Lite and Lite versions and fixes these vulnerabilities for users of FactoryViews Lite.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| | FactoryViews | 1.7.0 |
| | FactoryViews | <1.6.0 |
| | FactoryViews Lite | <=1.1 |
| | FactoryViews | 1.6.0 |
Exploit Intelligence
- some works on CVE-2018-19518 (github-poc-repo)
- alokaranasinghe/cve-2019-11043 (github-poc-repo)
- This repository provides a dockerized infrastructure and a python implementation of the CVE-2019-11043 exploit. (github-poc-repo)
- PHP-FPM Remote Code Execution Vulnerability (CVE-2019-11043) POC in Python (github-poc-repo)
- quick and dirty PHP RCE proof of concept (github-poc-repo)
- php-fpm+Nginx RCE (github-poc-repo)
- PHP-FPM Remote Command Execution Exploit (github-poc-repo)
- CVE-2019-11043 (github-poc-repo)
- CVE-2019-11043 LAB (github-poc-repo)
- Tenda AC10 Router exploit stack-based buffer overflow (github-poc-repo)
…and 84 more exploits
Timeline
- Jul 22, 2016 PoC Published
- Jul 10, 2023 CVE Published
- Oct 21, 2023 PoC Published
- Feb 2, 2026 CVE Updated