Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Progauge_maglink_lx4_console_firmware
(Doverfuelingsolutions)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-25 | CVE-2024-43692 | An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 9.8 | ||
| 2024-09-25 | CVE-2024-45066 | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 9.8 | ||
| 2024-09-25 | CVE-2024-43423 | The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 9.8 | ||
| 2024-09-25 | CVE-2024-43693 | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 9.8 | ||
| 2024-09-25 | CVE-2024-45373 | Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 8.8 | ||
| 2024-09-25 | CVE-2024-41725 | ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting. | Progauge_maglink_lx4_console_firmware, Progauge_maglink_lx_console_firmware | 6.1 |