Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pepperl-fuchs wha-gw-f2d2-0-as- z2-eth.eip firmware vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-34563
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware 3.0.8
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware 3.0.9
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware 3.0.8
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware 3.0.9
445
VMScore
CVE-2021-34559
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote malicious users to rewrite links and URLs in cached pages to arbitrary strings.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
187
VMScore
CVE-2021-34560
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
605
VMScore
CVE-2021-34561
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying t...
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
668
VMScore
CVE-2021-34565
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
445
VMScore
CVE-2021-33555
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as- Z2-eth.eip Firmware
383
VMScore
CVE-2021-34562
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware 3.0.8
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware 3.0.8
187
VMScore
CVE-2021-34564
Any cookie-stealing vulnerabilities within the application or browser would enable an malicious user to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware 3.0.9
Pepperl-fuchs Wha-gw-f2d2-0-as- Z2-eth.eip Firmware 3.0.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started