In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NPepperl Fuchs Wha Gw F2d2 0 As Z2 Eth
HWPepperl-Fuchswszystkie wersjePepperl Fuchs Wha Gw F2d2 0 As Z2 Eth.eip
HWPepperl-Fuchswszystkie wersjePepperl Fuchs Wha Gw F2d2 0 As Z2 Eth.eip Firmware
OSPepperl-Fuchs≤ 3.0.9Pepperl Fuchs Wha Gw F2d2 0 As Z2 Eth Firmware
OSPepperl-Fuchs≤ 3.0.9
Related vulnerabilities
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded cr...
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path tr...
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally acce...
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.8 it is possible to inject arbitrary JavaScript into the application...
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 a vulnerability may allow remote attackers to rewrite links and...