cbcvebase.
CVE-2023-41256
published 2023-09-11

CVE-2023-41256: Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication…

PriorityP262critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
0.74%
50.1th percentile
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.

Affected

16 ranges
VendorProductVersion rangeFixed in
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
dover_fueling_solutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration
doverfuelingsolutionsmaglink_lx_web_console_configuration

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2023-41256 is an authentication bypass via alternate path or channel (CWE-288) in Dover Fueling Solutions MAGLINK LX Web Console Configuration — an unauthenticated remote attacker can obtain user access without credentials. Monitor for unauthenticated or anomalous HTTP requests to the MAGLINK LX Web Console interface.
  • The vulnerability is exploitable remotely with low attack complexity and requires no privileges or user interaction (AV:N/AC:L/PR:N/UI:N), making it trivially exploitable from the network. Alert on any external/internet-facing exposure of MAGLINK LX Web Console ports.
  • A companion vulnerability (CVE-2023-36497, CWE-305) allows a guest user to elevate to admin privileges via the same Web Console. Correlate low-privilege login events followed by admin-level actions on MAGLINK LX devices.
  • A companion path traversal vulnerability (CVE-2023-38256, CWE-22) allows an authenticated high-privilege attacker to read arbitrary files on the system. Monitor for HTTP requests containing directory traversal sequences (e.g., '../') targeting the MAGLINK LX Web Console.
  • ·Affected versions are MAGLINK LX Web Console Configuration 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3. Fixed versions are MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4. Ensure deployed devices are not running any of the listed vulnerable versions.
  • ·Devices may be deployed worldwide beyond the EU/UK certification area. Asset inventory should not be limited to EU/UK deployments.
  • ·No known public exploitation of CVE-2023-41256 had been reported to CISA at time of advisory publication (September 07, 2023), but the high CVSS score (9.1) and zero-prerequisite exploitability make it a high-priority patching target.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.