These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
A privilege escalation vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE allows authenticated users to elevate their privileges to administrator. The flaw exists in the access control mechanism of the MAGLINK LX4 CONSOLE, where a valid user can modify their own privilege level without proper authorization checks. This vulnerability has a CVSS 3.1 score of 8.8 (HIGH severity), indicating [truncated]
A critical command injection vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE allows remote unauthenticated attackers to execute arbitrary commands via a specially crafted POST request to the IP sub-menu. Published September 24, 2024, this vulnerability carries a CVSS 3.1 score of 10.0 (Critical) with network attack vector, low attack complexity, no privileges required, and no user int [truncated]
A critical command injection vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE allows remote attackers to execute arbitrary commands via a specially crafted POST request to the UTILITY sub-menu. The vulnerability affects MAGLINK LX CONSOLE versions 3.4.2.2.6 and earlier, and MAGLINK LX4 CONSOLE versions 4.17.9e and earlier. CISA published this advisory on September 24, 2024.
A critical authentication bypass vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE allows remote attackers to gain full administrative privileges by directly requesting protected resource subpages via URL manipulation. The flaw, published September 24, 2024, enables unauthenticated network-based access to sensitive console functions without requiring credentials or user interaction.
A critical vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE products allows unauthenticated remote attackers to gain full administrative access due to a hardcoded, unchangeable administrative password in the web application. The vulnerability affects MAGLINK LX CONSOLE versions 3.4.2.2.6 and earlier, and MAGLINK LX4 CONSOLE versions 4.17.9e and earlier. With a CVSS 3.1 score of 9.8 (Cr [truncated]
A stored cross-site scripting (XSS) vulnerability exists in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE and MAGLINK LX4 CONSOLE due to insufficient input filtering on fields used to render web pages. The vulnerability, published on September 24, 2024, carries a CVSS 3.1 score of 8.8 (HIGH), indicating significant risk through network attack vectors with low complexity and no required privileges. A [truncated]
