CVE-2024-41725

ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx_console_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx_console:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx4_console_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx4_console:-:*:*:*:*:*:*:*

History

30 Sep 2024, 19:55

Type Values Removed Values Added
First Time Doverfuelingsolutions progauge Maglink Lx4 Console Firmware
Doverfuelingsolutions progauge Maglink Lx4 Console
Doverfuelingsolutions
Doverfuelingsolutions progauge Maglink Lx Console
Doverfuelingsolutions progauge Maglink Lx Console Firmware
References () https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04 - () https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04 - Third Party Advisory, US Government Resource
CPE cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx4_console_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx_console_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx4_console:-:*:*:*:*:*:*:*
cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx_console:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 6.1

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) ProGauge MAGLINK LX CONSOLE no tiene filtrado suficiente en los campos de entrada que se utilizan para renderizar páginas, lo que puede permitir Cross Site Scripting.

25 Sep 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 01:15

Updated : 2024-09-30 19:55


NVD link : CVE-2024-41725

Mitre link : CVE-2024-41725

CVE.ORG link : CVE-2024-41725


JSON object : View

Products Affected

doverfuelingsolutions

  • progauge_maglink_lx4_console
  • progauge_maglink_lx_console_firmware
  • progauge_maglink_lx_console
  • progauge_maglink_lx4_console_firmware
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')