1. Home
  2. CVE Database
  3. CVE-2021-34561
HIGH · 7.5

CVE-2021-34561

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any...

Vulnerability Description

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
Pepperl-FuchsWha-Gw-F2D2-0-As-Z2-Eth Firmware<= 3.0.8
Pepperl-FuchsWha-Gw-F2D2-0-As-Z2-Eth-
Pepperl-FuchsWha-Gw-F2D2-0-As-Z2-Eth.Eip Firmware<= 3.0.8
Pepperl-FuchsWha-Gw-F2D2-0-As-Z2-Eth.Eip-

Related Weaknesses (CWE)

CWE-350

References

FAQ

What is CVE-2021-34561?

CVE-2021-34561 is a vulnerability with a CVSS score of 7.5 (HIGH). In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any...

How severe is CVE-2021-34561?

CVE-2021-34561 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-34561?

Check the references section above for vendor advisories and patch information. Affected products include: Pepperl-Fuchs Wha-Gw-F2D2-0-As-Z2-Eth Firmware, Pepperl-Fuchs Wha-Gw-F2D2-0-As-Z2-Eth, Pepperl-Fuchs Wha-Gw-F2D2-0-As-Z2-Eth.Eip Firmware, Pepperl-Fuchs Wha-Gw-F2D2-0-As-Z2-Eth.Eip.