CVE-2024-43693

Опубликовано: 25 сент. 2024

Источник: nvd

CVSS3: 10

CVSS3: 9.8

EPSS Низкий

Описание

A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.

Конфигурация 1

Одновременно

cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx_console_firmware:*:*:*:*:*:*:*:*

Версия до 3.4.2.2.6 (включая)

cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx_console:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:doverfuelingsolutions:progauge_maglink_lx4_console_firmware:*:*:*:*:*:*:*:*

Версия до 4.17.9e (включая)

cpe:2.3:h:doverfuelingsolutions:progauge_maglink_lx4_console:-:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01055

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

CWE-77

GHSA-mrxm-9rwr-qw4f

CVSS3: 10

github

больше 1 года назад

A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands.

EPSS

Процентиль: 77%

0.01055

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

CWE-77