Doverfuelingsolutions: >> Progauge Maglink Lx4 Console Firmware Security Vulnerabilities
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full privileges by requesting the URL directly.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-09-25
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE
UTILITY sub-menu can allow a remote attacker to inject arbitrary
commands.
CVSS Score
10.0
EPSS Score
0.004
Published
2024-09-25
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a remote attacker to inject arbitrary commands.
CVSS Score
10.0
EPSS Score
0.004
Published
2024-09-25
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-09-25
The web application for ProGauge MAGLINK LX4 CONSOLE contains an
administrative-level user account with a password that cannot be
changed.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-09-25
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input
fields that are used to render pages which may allow cross site
scripting.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-09-25