Summary

The web server in SENTRON 7KT PAC1261 Data Manager before V2.1.0 contains a request smuggling vulnerability in the Go Project's net/http package that could allow an attacker to retrieve authorization tokens that can be used to gain administrative control over the device. Siemens has released a new version for SENTRON 7KT PAC1261 Data Manager and recommends updating to the latest version.

The following versions of Siemens SENTRON 7KT PAC1261 Data Manager are affected:

SENTRON 7KT PAC1261 Data Manager vers:intdot/<2.1.0

CVSS: v3 9.1
Vendor: Siemens
Equipment: Siemens SENTRON 7KT PAC1261 Data Manager
Vulnerabilities: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Background

Critical Infrastructure Sectors: Energy
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany

Vulnerabilities

Acknowledgments

Siemens ProductCERT reported this vulnerability to CISA.…