Dover Fueling Solutions (dfs)
Products
1- 6 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45066 | 0.00 | — | 0.01 | Sep 24, 2024 | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands. | ||
| CVE-2024-43693 | 0.00 | — | 0.01 | Sep 24, 2024 | A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. | ||
| CVE-2024-45373 | 0.00 | — | 0.00 | Sep 24, 2024 | Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator. | ||
| CVE-2024-43423 | 0.00 | — | 0.00 | Sep 24, 2024 | The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. | ||
| CVE-2024-43692 | 0.00 | — | 0.00 | Sep 24, 2024 | An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. | ||
| CVE-2024-41725 | 0.00 | — | 0.00 | Sep 24, 2024 | ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting. |
- CVE-2024-45066Sep 24, 2024risk 0.00cvss —epss 0.01
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands.
- CVE-2024-43693Sep 24, 2024risk 0.00cvss —epss 0.01
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.
- CVE-2024-45373Sep 24, 2024risk 0.00cvss —epss 0.00
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
- CVE-2024-43423Sep 24, 2024risk 0.00cvss —epss 0.00
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed.
- CVE-2024-43692Sep 24, 2024risk 0.00cvss —epss 0.00
An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly.
- CVE-2024-41725Sep 24, 2024risk 0.00cvss —epss 0.00
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.