Command injection

2023-03-2821:15:00

PRIOn knowledge base

www.prio-n.com

command injection

unauthenticated access

osprey pump controller

system permissions

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.1%

JSON

Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions.

CPENameOperatorVersion
osprey_pump_controller_firmwareeq1.01

CPE	Name	Operator	Version
	osprey_pump_controller_firmware	eq	1.01

References

www.cisa.gov/news-events/ics-advisories/icsa-23-082-06