23 matches found
EUVD-2025-30196
Malicious code in bioql PyPI...
EUVD-2025-30192
Malicious code in bioql PyPI...
CVE-2025-30519
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
CVE-2025-30519
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
CVE-2025-30519 Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Weak Credentials
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
CVE-2025-54807 Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Hard-coded Cryptographic Key
The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system...
CVE-2025-54807
CVE-2025-54807 affects Dover Fueling Solutions ProGauge MagLink LX4 devices and related MAGLINK LX Console family. The root cause is a hard-coded cryptographic key used to validate authentication tokens embedded in affected device firmware. This allows an attacker who obtains the signing key to b...
CVE-2025-54807 Dover Fueling Solutions ProGauge MagLink LX4 Devices Use of Hard-coded Cryptographic Key
The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system...
CVE-2025-55068
CVE-2025-55068 affects Dover Fueling Solutions ProGauge MagLink LX4 Devices (and related MAGLINK LX products noted in connected sources). The vulnerability arises from the devices’ handling of Unix time values beyond a certain point, allowing a network-available attacker to manually adjust the sy...
CVE-2025-55068 Dover Fueling Solutions ProGauge MagLink LX4 Devices Integer Overflow or Wraparound
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point. An attacker can manually change the system time to exploit this limitation, potentially causing errors in authentication and leading to a denial-of-service condition...
Dover Fueling Solutions ProGauge MagLink LX4 Devices
RISK EVALUATION Successful exploitation of these vulnerabilities could result in a remote attacker causing a denial-of-service condition or gaining administrative access to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of...
PT-2025-38479
Name of the Vulnerable Software and Affected Versions Dover Fueling Solutions ProGauge MagLink LX4 Devices affected versions not specified Description Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. A...
Dover Fueling Solutions ProGauge MagLink LX4 安全漏洞
The Dover Fueling Solutions ProGauge MagLink LX4 is an automated tank gauging system console from Dover Fueling Solutions, USA. A security vulnerability exists in several Dover products that stems from the use of default root credentials that cannot be changed through standard administrative...
CVE-2024-43423
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed...
CVE-2024-45373
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator...
CVE-2024-45373
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator...
CVE-2024-43423
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed...
CVE-2024-43423
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user account with a password that cannot be changed...
CVE-2024-45373 Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE Improper Privilege Management
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator...
CVE-2024-45373
CVE-2024-45373 concerns Dover Fueling Solutions ProGauge MAGLINK LX4 CONSOLE (and LX CONSOLE) with an improper privilege management flaw. A authenticated user can elevate their privileges to administrator by changing their level after login, enabling full control of the device application and pot...