124 matches found
PT-2023-7479 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue exists due to insufficient input validation in the software of Osprey Pump Controller, allowing a remote attacker to gain unauthorized access to the device. This vulnerability could...
PT-2023-7429 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to an unauthenticated OS command injection vulnerability. This vulnerability can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter...
PT-2023-7476 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to a weak session token generation algorithm that can be predicted, potentially allowing an attacker to hijack a session by predicting the session id and gain unauthorized...
PT-2023-7477 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue allows an unauthenticated user to create an account and bypass authentication, gaining unauthorized access to the system. A threat actor could exploit this to create a user account...
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vulnerability
Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts. Ospr...
Osprey Pump Controller 1.0.1 Cross Site Scripting Vulnerability
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit
!/usr/bin/env python Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App:...
Osprey Pump Controller 1.0.1 pseudonym Command Injection Vulnerability
Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pseudonym HTTP POST parameter called by index.php script. Osprey Pump Controller 1.0.1 pseudonym Semi-blind...
Osprey Pump Controller 1.0.1 userName Command Injection Vulnerability
Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...
Osprey Pump Controller 1.0.1 pseudonym Command Injection
Osprey Pump Controller 1.0.1 pseudonym Semi-blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0....
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1...
Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure Vulnerability
Osprey Pump Controller version 1.0.1 suffers from an unauthenticated file disclosure vulnerability. Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version:...
Osprey Pump Controller 1.0.1 Authentication Bypass
!/usr/bin/env python Osprey Pump Controller 1.0.1 Authentication Bypass Credentials Modification Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App:...
Osprey Pump Controller 1.0.1 Predictable Session Token / Session Hijacking
Osprey Pump Controller 1.0.1 Predictable Session Token / Session Hijack Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release...
Osprey Pump Controller 1.0.1 Administrator Backdoor Access Vulnerability
Osprey Pump Controller version 1.0.1 has a hidden administrative account admin that has the hardcoded password Mirage1234 that allows full access to the web management interface configuration. The user admin is not visible in Usernames and Passwords menu list 120 of the application and the passwo...
Osprey Pump Controller 1.0.1 Cross Site Scripting
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mirage...
Osprey Pump Controller 1.0.1 Authentication Bypass Exploit
Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system. !/usr/bin/env python Osprey Pump Controller 1.0.1 Authentication Bypass Credentials Modification Vendor: ProPump and Controls,...
Osprey Pump Controller 1.0.1 userName Command Injection
Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...
Osprey Pump Controller 1.0.1 Authentication Bypass Credentials Modification
Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...
Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS
Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...