Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-34565 — CVSS 9.8 (critical): In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.
CVE-2021-34561 — CVSS 7.5 (high): In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based…
CVE-2021-34560 — CVSS 5.5 (medium): In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be…
CVE-2021-34559 — CVSS 5.4 (medium): In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to…
CVE-2021-34562 — CVSS 5.4 (medium): In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response.
CVE-2021-34563 — CVSS 3.3 (low): In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be…