Doverfuelingsolutions Progauge_maglink_lx4_console

6 CVEs affecting Doverfuelingsolutions Progauge_maglink_lx4_console. Latest disclosed: 2024-09-25. Critical: 4, High: 2.

Top CVEs affecting Doverfuelingsolutions Progauge_maglink_lx4_console
CVESeverityScorePublishedSummary
CVE-2024-45066Critical10.02024-09-25A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands.
CVE-2024-43693Critical10.02024-09-25A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.
CVE-2024-43692Critical9.82024-09-25An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly.
CVE-2024-43423Critical9.82024-09-25The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed.
CVE-2024-45373High8.82024-09-25Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
CVE-2024-41725High8.82024-09-25ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.