CVE-2023-41256
CRITICALDoverfuelingsolutions Maglink LX Web Console Configuration - Authentication Bypass
Title source: ruleDescription
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01
Scores
CVSS v3
9.1
EPSS
0.0074
EPSS Percentile
49.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-288
Status
published
Products (8)
doverfuelingsolutions/maglink_lx_web_console_configuration
2.5.1
doverfuelingsolutions/maglink_lx_web_console_configuration
2.5.2
doverfuelingsolutions/maglink_lx_web_console_configuration
2.5.3
doverfuelingsolutions/maglink_lx_web_console_configuration
2.6.1
doverfuelingsolutions/maglink_lx_web_console_configuration
2.11
doverfuelingsolutions/maglink_lx_web_console_configuration
3.0
doverfuelingsolutions/maglink_lx_web_console_configuration
3.2
doverfuelingsolutions/maglink_lx_web_console_configuration
3.3
Published
Sep 11, 2023
Tracked Since
Feb 18, 2026