Known Vulnerabilities for products from Pepperl-fuchs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Pepperl-fuchs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Pepperl-fuchs can be found at device.report : Pepperl-fuchs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-34565 | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials. | 9.8 - CRITICAL | 2021-08-31 | 2022-09-29 |
| CVE-2021-34564 | Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credential... | 5.5 - MEDIUM | 2021-08-31 | 2021-09-09 |
| CVE-2021-34563 | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's... | 3.3 - LOW | 2021-08-31 | 2022-09-29 |
| CVE-2021-34562 | In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application's response. | 6.1 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-34561 | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses ... | 8.8 - HIGH | 2021-08-31 | 2022-09-29 |
| CVE-2021-34560 | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credent... | 5.5 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-34559 | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and URLs in cached... | 5.3 - MEDIUM | 2021-08-31 | 2022-09-29 |
| CVE-2021-33555 | In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks... | 7.5 - HIGH | 2021-08-31 | 2021-09-08 |
| CVE-2021-20988 | In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by... | 7.5 - HIGH | 2021-05-13 | 2021-09-09 |
| CVE-2021-20987 | A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may... | 8.6 - HIGH | 2021-02-16 | 2022-04-26 |
| CVE-2021-20986 | A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead t... | 7.5 - HIGH | 2021-02-16 | 2022-04-26 |
| CVE-2020-12525 | M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserializ... | 7.8 - HIGH | 2021-01-22 | 2022-02-10 |
| CVE-2020-12514 | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS i... | 4.9 - MEDIUM | 2021-01-22 | 2021-01-28 |
| CVE-2020-12513 | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. | 8.8 - HIGH | 2021-01-22 | 2021-01-27 |
| CVE-2020-12512 | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scrip... | 5.4 - MEDIUM | 2021-01-22 | 2021-01-27 |
| CVE-2020-12511 | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web i... | 8.8 - HIGH | 2021-01-22 | 2021-01-27 |
| CVE-2020-12504 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 9.8 - CRITICAL | 2020-10-15 | 2022-03-16 |
| CVE-2020-12503 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 7.2 - HIGH | 2020-10-15 | 2022-04-29 |
| CVE-2020-12502 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 8.8 - HIGH | 2020-10-15 | 2022-04-29 |
| CVE-2020-12501 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES... | 9.8 - CRITICAL | 2020-10-15 | 2024-01-17 |
Known software with vulnerabilities from Pepperl-fuchs
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Pepperl-fuchs | Es7506 | - |
| Operating System | Pepperl-fuchs | Es7506 Firmware | - |
| Hardware | Pepperl-fuchs | Es7510 | - |
| Operating System | Pepperl-fuchs | Es7510 Firmware | - |
| Hardware | Pepperl-fuchs | Es7510-xt | - |
| Operating System | Pepperl-fuchs | Es7510-xt Firmware | - |
| Hardware | Pepperl-fuchs | Es7528 | - |
| Operating System | Pepperl-fuchs | Es7528 Firmware | - |
| Hardware | Pepperl-fuchs | Es8508 | - |
| Operating System | Pepperl-fuchs | Es8508 Firmware | - |
| Hardware | Pepperl-fuchs | Es8508f | - |
| Operating System | Pepperl-fuchs | Es8508f Firmware | - |
| Hardware | Pepperl-fuchs | Es8509-xt | - |
| Operating System | Pepperl-fuchs | Es8509-xt Firmware | - |
| Hardware | Pepperl-fuchs | Es8510 | - |
| Operating System | Pepperl-fuchs | Es8510 Firmware | - |
| Hardware | Pepperl-fuchs | Es8510-xt | - |
| Operating System | Pepperl-fuchs | Es8510-xt Firmware | - |
| Hardware | Pepperl-fuchs | Es8510-xte | - |
| Operating System | Pepperl-fuchs | Es8510-xte Firmware | - |