VDB
CVE-2021-34561
CVE-2021-34561
PUBLISHED
CVSS 7.5 HIGH
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.
EPSS 0.33% · 56.4th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.33%
56.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pepperl-fuchs | wha-gw-f2d2-0-as-z2-eth_firmware | 0 |
| Phoenix Contact | WHA-GW-F2D2-0-AS- Z2-ETH | 3.0.8 |
| Phoenix Contact | WHA-GW-F2D2-0-AS- Z2-ETH.EIP | 3.0.8 |
| pepperl-fuchs | wha-gw-f2d2-0-as-z2-eth.eip_firmware | 0 |
Exploit Intelligence
Timeline
- Aug 31, 2021 CVE Published
- Sep 1, 2021 EPSS Score
- Oct 29, 2021 EPSS Score
- Dec 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 22, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 21, 2022 EPSS Score
- Jun 18, 2022 EPSS Score
- Aug 16, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
- Dec 10, 2022 EPSS Score