CVE-2021-34561
published 2021-08-31CVE-2021-34561: In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pepperl-fuchs | wha-gw-f2d2-0-as-z2-eth.eip_firmware | <= 3.0.8 | — |
| pepperl-fuchs | wha-gw-f2d2-0-as-z2-eth_firmware | <= 3.0.8 | — |
| phoenix_contact | wha-gw-f2d2-0-as_z2-eth | 3.0.8 – 3.0.8 | — |
| phoenix_contact | wha-gw-f2d2-0-as_z2-eth.eip | 3.0.8 – 3.0.8 | — |