VDB

CVE-2021-34561

CVE-2021-34561 PUBLISHED CVSS 7.5 HIGH

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.

EPSS 0.33% · 56.4th percentile

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.33%
56.4th percentile

Affected Products

VendorProductVersions
pepperl-fuchswha-gw-f2d2-0-as-z2-eth_firmware0
Phoenix ContactWHA-GW-F2D2-0-AS- Z2-ETH3.0.8
Phoenix ContactWHA-GW-F2D2-0-AS- Z2-ETH.EIP3.0.8
pepperl-fuchswha-gw-f2d2-0-as-z2-eth.eip_firmware0

Timeline

  • Aug 31, 2021 CVE Published
  • Sep 1, 2021 EPSS Score
  • Oct 29, 2021 EPSS Score
  • Dec 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 22, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Apr 21, 2022 EPSS Score
  • Jun 18, 2022 EPSS Score
  • Aug 16, 2022 EPSS Score
  • Oct 13, 2022 EPSS Score
  • Dec 10, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›