Doverfuelingsolutions Progauge Maglink Lx4 Console Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Doverfuelingsolutions Progauge Maglink Lx4 Console Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-43693 — CVSS 10.0 (critical): A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary…
CVE-2024-45066 — CVSS 10.0 (critical): A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands.
CVE-2024-43423 — CVSS 9.8 (critical): The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed.
CVE-2024-43692 — CVSS 9.8 (critical): An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly.
CVE-2024-41725 — CVSS 8.8 (high): ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site…
CVE-2024-45373 — CVSS 8.8 (high): Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.