Known Vulnerabilities for products from Pepperl-fuchs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pepperl-fuchs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Pepperl-fuchs can be found at device.report : Pepperl-fuchs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-34565 json | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. | 9.8 - CRITICAL | 2021-08-31 | 2022-09-29 |
| CVE-2021-34564 json | Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credential... | 5.5 - MEDIUM | 2021-08-31 | 2021-09-09 |
| CVE-2021-34563 json | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's... | 3.3 - LOW | 2021-08-31 | 2022-09-29 |
| CVE-2021-34562 json | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. | 6.1 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-34561 json | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses ... | 8.8 - HIGH | 2021-08-31 | 2022-09-29 |
| CVE-2021-34560 json | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credent... | 5.5 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-34559 json | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached... | 5.3 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-33555 json | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks... | 7.5 - HIGH | 2021-08-31 | 2021-09-08 |
| CVE-2021-20988 json | In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by... | 7.5 - HIGH | 2021-05-13 | 2021-09-09 |
| CVE-2021-20987 json | A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may... | 8.6 - HIGH | 2021-02-16 | 2022-04-26 |
| CVE-2021-20986 json | A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead t... | 7.5 - HIGH | 2021-02-16 | 2022-04-26 |
| CVE-2020-12525 json | M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserializ... | 7.8 - HIGH | 2021-01-22 | 2022-02-10 |
| CVE-2020-12514 json | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS i... | 4.9 - MEDIUM | 2021-01-22 | 2021-01-28 |
| CVE-2020-12513 json | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. | 8.8 - HIGH | 2021-01-22 | 2021-01-27 |
| CVE-2020-12512 json | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scrip... | 5.4 - MEDIUM | 2021-01-22 | 2021-01-27 |
| CVE-2020-12511 json | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web i... | 8.8 - HIGH | 2021-01-22 | 2021-01-27 |
| CVE-2020-12504 json | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 9.8 - CRITICAL | 2020-10-15 | 2022-03-16 |
| CVE-2020-12503 json | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 7.2 - HIGH | 2020-10-15 | 2022-04-29 |
| CVE-2020-12502 json | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 8.8 - HIGH | 2020-10-15 | 2022-04-29 |
| CVE-2020-12501 json | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 9.8 - CRITICAL | 2020-10-15 | 2024-01-17 |
Known software with vulnerabilities from Pepperl-fuchs
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Pepperl-fuchs | Es7506 | - |
| Operating System | Pepperl-fuchs | Es7506 Firmware | - |
| Hardware | Pepperl-fuchs | Es7510 | - |
| Hardware | Pepperl-fuchs | Es7510-xt | - |
| Operating System | Pepperl-fuchs | Es7510-xt Firmware | - |
| Operating System | Pepperl-fuchs | Es7510 Firmware | - |
| Hardware | Pepperl-fuchs | Es7528 | - |
| Operating System | Pepperl-fuchs | Es7528 Firmware | - |
| Hardware | Pepperl-fuchs | Es8508 | - |
| Hardware | Pepperl-fuchs | Es8508f | - |
| Operating System | Pepperl-fuchs | Es8508f Firmware | - |
| Operating System | Pepperl-fuchs | Es8508 Firmware | - |
| Hardware | Pepperl-fuchs | Es8509-xt | - |
| Operating System | Pepperl-fuchs | Es8509-xt Firmware | - |
| Hardware | Pepperl-fuchs | Es8510 | - |
| Hardware | Pepperl-fuchs | Es8510-xt | - |
| Hardware | Pepperl-fuchs | Es8510-xte | - |
| Operating System | Pepperl-fuchs | Es8510-xte Firmware | - |
| Operating System | Pepperl-fuchs | Es8510-xt Firmware | - |
| Operating System | Pepperl-fuchs | Es8510 Firmware | - |