In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.7 the filename parameter is vulnerable to unauthenticated path traversal attacks, enabling read access to arbitrary files on the server.
Credits
Pepperl+Fuchs reported this vulnerability. CERT@VDE coordinated.
