Use of Password Hash With Insufficient Computational Effort in Franklin Fueling System TS-550
Description
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 1.9.23.8960
- Range: 0
Patches
Vulnerability mechanics
Root cause
"Use of a password hash with insufficient computational effort allows attackers to decode admin credentials [CWE-916] [ref_id=1]."
Attack vector
An attacker can remotely decode admin credentials because the device uses a password hash with insufficient computational effort [CWE-916] [ref_id=1]. No authentication or prior access is required, and the attack complexity is low [ref_id=1]. The advisory notes that public exploits are available, lowering the barrier to exploitation [ref_id=1].
Affected code
The advisory does not specify particular functions or files. The vulnerability affects Franklin Fueling System TS-550 versions prior to 1.9.23.8960 [ref_id=1].
What the fix does
Franklin Fueling Systems released TS-550 version 1.9.23.8960 to fix the vulnerability [ref_id=1]. The advisory does not include a patch diff, so the specific code changes are unknown. The fix likely strengthens the password hashing mechanism to resist decoding attacks [ref_id=1].
Preconditions
- configThe target device must be running TS-550 firmware prior to version 1.9.23.8960
- networkThe attacker must have network access to the device (exploitable remotely)
Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1News mentions
0No linked articles in our index yet.