PT-2021-20546 · Pepperl+Fuchs · Pepperl+Fuchs Wirelesshart-Gateway

Published: 2021-08-31 · Updated: 2022-09-29 · CVE-2021-34561

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: PEPPERL+FUCHS WirelessHART-Gateway versions 3.0.8 and earlier
Description: A serious issue exists when the application is not externally accessible or relies on IP-based access restrictions. Attackers can use DNS rebinding to bypass any IP- or firewall-based access restrictions that may be in place by proxying requests through their target's browser.
Recommendations: For PEPPERL+FUCHS WirelessHART-Gateway versions 3.0.8 and earlier, consider implementing additional security measures to restrict access, such as configuring the application to only allow access from trusted sources or networks, until a patch or fix is available. As a temporary workaround, consider restricting browser access to the gateway to minimize the risk of exploitation.
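
An added example (not from the advisory or from Pepperl+Fuchs) showing why a source-IP restriction alone does not stop DNS rebinding, and how a Host header allowlist, for instance on a reverse proxy placed in front of the gateway, rejects the rebound request. The addresses, hostname and function names are assumptions.

```python
import ipaddress
from typing import Optional

# Assumed deployment (not from the advisory): the gateway UI is reached as
# 192.168.1.10 or wha-gw.plant.example from the 192.168.1.0/24 network.
TRUSTED_NET = ipaddress.ip_network("192.168.1.0/24")
ALLOWED_HOSTS = {"192.168.1.10", "wha-gw.plant.example"}

def source_ip_allowed(client_ip: str) -> bool:
    """The IP-based restriction that DNS rebinding bypasses."""
    return ipaddress.ip_address(client_ip) in TRUSTED_NET

def normalize_host(host_header: str) -> Optional[str]:
    """Return the lower-cased host without port, or None if malformed."""
    host = host_header.strip().lower()
    if not host or any(c in host for c in " /\\@,"):
        return None
    if host.startswith("["):                      # IPv6 literal: [addr]:port
        end = host.find("]")
        rest = host[end + 1:]
        if end == -1 or (rest and not (rest[0] == ":" and rest[1:].isdigit())):
            return None
        return host[1:end]
    name, sep, port = host.partition(":")
    if sep and not port.isdigit():
        return None
    return name.rstrip(".")                       # "name." equals "name"

def request_allowed(client_ip: str, host_header: str) -> bool:
    """Require a trusted source address and an expected Host value."""
    # A rebound request comes from the victim's browser, so its source IP is
    # trusted, but the browser still sends the attacker's domain as Host.
    return source_ip_allowed(client_ip) and normalize_host(host_header) in ALLOWED_HOSTS

# Constructed sample requests: (client IP, Host header)
SAMPLES = [
    ("192.168.1.50", "192.168.1.10"),             # operator browsing to the gateway
    ("192.168.1.50", "wha-gw.plant.example:443"),
    ("192.168.1.50", "rebind.attacker.example"),  # rebinding: trusted IP, foreign Host
    ("203.0.113.7", "192.168.1.10"),              # outside the trusted network
]

if __name__ == "__main__":
    for ip, host in SAMPLES:
        print(ip, host, source_ip_allowed(ip), request_allowed(ip, host))
```

The third sample passes the IP check and fails only the Host check, which is the case the description refers to.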

Fix

Weakness Enumeration

Related Identifiers

CVE-2021-34561

Affected Products

Pepperl+Fuchs Wirelesshart-Gateway