Lucene search
HistorySep 25, 2024 - 1:15 a.m.
CVE-2024-45066
remote attacker
post request
progauge maglink
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a remote attacker to inject arbitrary commands.
Affected configurations
Node
doverfuelingsolutionsprogauge_maglink_lx_console_firmwareRange≤3.4.2.2.6
doverfuelingsolutionsprogauge_maglink_lx_consoleMatch-
Node
doverfuelingsolutionsprogauge_maglink_lx4_console_firmwareRange≤4.17.9e
doverfuelingsolutionsprogauge_maglink_lx4_consoleMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| doverfuelingsolutions | progauge_maglink_lx_console_firmware | * | cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx_console_firmware:*:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx_console | - | cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx_console:-:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx4_console_firmware | * | cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx4_console_firmware:*:*:*:*:*:*:*:* |
| doverfuelingsolutions | progauge_maglink_lx4_console | - | cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx4_console:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-45066
2024-09-25 01:15:43
vulnrichment
vulnrichment
cvelist
cvelist
ics
ics
Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE
2024-09-24 12:00:00
thn
thn
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
2024-09-30 11:55:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.6%
Related for NVD:CVE-2024-45066