Vulnerabilities > Doverfuelingsolutions > Progauge Maglink LX4 Console Firmware > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-25	CVE-2024-45066	Command Injection vulnerability in Doverfuelingsolutions products A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a remote attacker to inject arbitrary commands. network low complexity doverfuelingsolutions CWE-77 critical	9.8
2024-09-25	CVE-2024-43693	Command Injection vulnerability in Doverfuelingsolutions products A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. network low complexity doverfuelingsolutions CWE-77 critical	9.8
2024-09-25	CVE-2024-43692	Unspecified vulnerability in Doverfuelingsolutions products An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full privileges by requesting the URL directly. network low complexity doverfuelingsolutions critical	9.8
2024-09-25	CVE-2024-43423	Use of Hard-coded Credentials vulnerability in Doverfuelingsolutions products The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed. network low complexity doverfuelingsolutions CWE-798 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.