In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pepperl-fuchs wha-gw-f2d2-0-as-z2-eth_firmware 3.0.8 |
||
pepperl-fuchs wha-gw-f2d2-0-as-z2-eth_firmware 3.0.9 |
||
pepperl-fuchs wha-gw-f2d2-0-as-z2-eth.eip_firmware 3.0.8 |
||
pepperl-fuchs wha-gw-f2d2-0-as-z2-eth.eip_firmware 3.0.9 |