Dover Fueling Solutions Progauge Maglink Lx 4 vulnerabilities
4 known vulnerabilities affecting dover_fueling_solutions/progauge_maglink_lx_4.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-30519P2CRITICALCVSS 9.8fixed in 4.20.32025-09-18
CVE-2025-30519 [CRITICAL] CWE-1391 CVE-2025-30519: Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be ch
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard
administrative means. An attacker with network access to the device can
gain administrative access to the system.
nvd
CVE-2025-54807P2CRITICALCVSS 9.8fixed in 4.20.32025-09-18
CVE-2025-54807 [CRITICAL] CWE-321 CVE-2025-54807: The secret used for validating authentication tokens is hardcoded in device firmware for affected v
The secret used for validating authentication tokens is hardcoded in
device firmware for affected versions. An attacker who obtains the
signing key can bypass authentication, gaining complete access to the
system.
nvd
CVE-2025-5310P2CRITICALCVSS 9.8fixed in 4.20.32025-06-27
CVE-2025-5310 [CRITICAL] CWE-306 CVE-2025-5310: Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated targ
Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.
nvd
CVE-2025-55068P3HIGHCVSS 8.2fixed in 4.20.32025-09-18
CVE-2025-55068 [HIGH] CWE-190 CVE-2025-55068: Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certai
Dover Fueling Solutions ProGauge MagLink LX4 Devices fail to handle Unix time values beyond a certain point.
An attacker can manually change the system time to exploit this
limitation, potentially causing errors in authentication and leading to a
denial-of-service condition.
nvd