Vulnerabilities > Pepperl Fuchs > WHA GW F2D2 0 AS Z2 ETH EIP Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-31	CVE-2021-33555	Path Traversal vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. network low complexity pepperl-fuchs CWE-22	5.0
2021-08-31	CVE-2021-34559	HTTP Request Smuggling vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings. network low complexity pepperl-fuchs CWE-444	5.3
2021-08-31	CVE-2021-34560	Insufficiently Protected Credentials vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. local low complexity pepperl-fuchs CWE-522	5.5
2021-08-31	CVE-2021-34562	Cross-site Scripting vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. network low complexity pepperl-fuchs CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.