Vulnerabilities (CVE)

Filtered by vendor Doverfuelingsolutions

Filtered by product Progauge Maglink Lx Console

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-43693	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-10-01	N/A	9.8 CRITICAL
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.
CVE-2024-43692	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-10-01	N/A	9.8 CRITICAL
An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly.
CVE-2024-45066	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-10-01	N/A	9.8 CRITICAL
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands.
CVE-2024-45373	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-10-01	N/A	8.8 HIGH
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
CVE-2024-43423	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-10-01	N/A	9.8 CRITICAL
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed.
CVE-2024-41725	1 Doverfuelingsolutions	4 Progauge Maglink Lx4 Console, Progauge Maglink Lx4 Console Firmware, Progauge Maglink Lx Console and 1 more	2024-09-30	N/A	6.1 MEDIUM
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.