Back to overview

CVE-2025-30519

CRITICAL
9.8
CVSS 3.1
Description
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system.

Metadata

CVE ID
CVE-2025-30519
State
PUBLISHED
Assigner
icscert
Reserved
2025-08-18 15:32 UTC
Published
2025-09-18 20:46 UTC
Last updated
2025-09-19 13:05 UTC
Primary CWE
CWE-1391
CWE-1391
Vendor / Product
Dover Fueling Solutions / ProGauge MagLink LX 4
Sources
cve.org  ·  NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
total
Affected products (3)
VendorProductPlatformVersions
Dover Fueling Solutions ProGauge MagLink LX 4 0 < 4.20.3
Dover Fueling Solutions ProGauge MagLink LX Plus 0 < 4.20.3
Dover Fueling Solutions ProGauge MagLink LX Ultimate 0 < 5.20.3
Weakness (CWE)
CWESourceDescription
CWE-1391 cna CWE-1391
CVSS scores (2)
ScoreSeverityVersionSourceVector
9.8 CRITICAL 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 CRITICAL 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References (2)
Back to overview