Vulnerabilities > Pepperl Fuchs > WHA GW F2D2 0 AS Z2 ETH Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-31 | CVE-2021-33555 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server. | 7.5 |
| 2021-08-31 | CVE-2021-34559 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached pages to arbitrary strings. | 5.3 |
| 2021-08-31 | CVE-2021-34561 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. | 8.8 |
| 2021-08-31 | CVE-2021-34562 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. | 6.1 |
| 2021-08-31 | CVE-2021-34563 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. | 3.3 |
| 2021-08-31 | CVE-2021-34564 | Unspecified vulnerability in Pepperl-Fuchs products Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9. | 5.5 |
| 2021-08-31 | CVE-2021-34565 | Unspecified vulnerability in Pepperl-Fuchs products In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. | 9.8 |