CVE-2024-41725

HIGH

ProGauge MAGLINK LX CONSOLE Firmware < 3.4.2.2.6 and MAGLINK LX4 CONSOLE Firmware < 4.17.9e - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04

Scores

CVSS v3 8.8
EPSS 0.0034
EPSS Percentile 26.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-79
Status published
Products (2)
doverfuelingsolutions/progauge_maglink_lx4_console_firmware < 4.17.9e
doverfuelingsolutions/progauge_maglink_lx_console_firmware < 3.4.2.2.6
Published Sep 25, 2024
Tracked Since Feb 18, 2026