Pepperl-Fuchs: Security Vulnerabilities
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 and 3.0.9 the HttpOnly attribute is not set on a cookie. This allows the cookie's value to be read or set by client-side JavaScript.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-08-31
Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-08-31
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-08-31
In Hilscher rcX RTOS versions prior to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.
CVSS Score
8.6
EPSS Score
0.003
Published
2021-05-13
A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-02-16
A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21 that may lead to code injection through network or make devices crash without recovery.
CVSS Score
8.6
EPSS Score
0.004
Published
2021-02-16
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVSS Score
7.5
EPSS Score
0.089
Published
2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd.
CVSS Score
6.6
EPSS Score
0.005
Published
2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVSS Score
7.3
EPSS Score
0.001
Published
2021-01-22

