Vulnerabilities > Pepperl Fuchs > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-38501 | Cross-site Scripting vulnerability in Pepperl-Fuchs products An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. | 6.1 |
| 2021-08-31 | CVE-2021-34559 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings. | 5.3 |
| 2021-08-31 | CVE-2021-34562 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. | 6.1 |
| 2021-08-31 | CVE-2021-34564 | Unspecified vulnerability in Pepperl-Fuchs products Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9. | 5.5 |
| 2021-01-22 | CVE-2020-12514 | NULL Pointer Dereference vulnerability in Pepperl-Fuchs products Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd | 4.9 |
| 2021-01-22 | CVE-2020-12512 | Cross-site Scripting vulnerability in Pepperl-Fuchs products Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting | 5.4 |
| 2018-01-04 | CVE-2017-5753 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 5.6 |