124 matches found
The vulnerability of microprogrammed software in Osprey Pump Controller controllers allows a intruder to gain unauthorized access to the device.
The vulnerability of the microprogrammed software of Osprey Pump Controller controllers is related to insufficient entropy. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the device...
The vulnerability of microprogrammed software in Osprey Pump Controller controllers allows a intruder to alter arbitrary data or cause malfunctions during maintenance.
The vulnerability of microprogrammed software in Osprey Pump Controller controllers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to alter arbitrary data or cause malfunctions in the system...
The vulnerability of the DataLogView.php, EventsView.php, and AlarmsView.php scripts of the microprogramming software for Osprey Pump Controller controllers allows a perpetrator to execute arbitrary commands.
The vulnerability of the DataLogView.php, EventsView.php, and AlarmsView.php scripts of the Osprey Pump Controller microprogrammed software exists due to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrar...
The vulnerability of the microprogramming software of Osprey Pump Controller allows a intruder to execute arbitrary commands.
The vulnerability of the microprogrammed software of Osprey Pump Controller controllers exists due to the lack of measures taken to neutralize certain special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via the HTTP POST parameter...
The vulnerability of microprogrammed software in Osprey Pump Controller controllers, due to the lack of measures taken to protect the website structure, allows a hacker to execute arbitrary code.
The vulnerability of the microprogramming software of Osprey Pump Controller controllers exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the microprogramming software of Osprey Pump Controller allows a hacker to gain full access to the device’s web interface.
The vulnerability of the microprogrammed software of Osprey Pump Controller controllers is related to the use of rigidly encrypted credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the device’s web interface...
Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection
Exploit Title: Osprey Pump Controller 1.0.1 - userName Blind Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mira...
Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification
!/usr/bin/env python Exploit Title: Osprey Pump Controller v1.0.1 - Authentication Bypass Credentials Modification Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID...
Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS
Exploit Title: Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...
Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection
Exploit Title: Osprey Pump Controller 1.0.1 - pseudonym Semi-blind Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/202...
Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack
Exploit Title: Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production...
Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection
Exploit Title: Osprey Pump Controller 1.0.1 - eventFileSelected Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021...
Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure
Exploit Title: Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirag...
Osprey Pump Controller 1.0.1 - Administrator Backdoor Access
Exploit Title: Osprey Pump Controller 1.0.1 - Administrator Backdoor Access Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...
Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit
!/usr/bin/env python Exploit Title: Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID...
Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery
!-- Exploit Title: Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...
CISA Warns of Vulnerabilities in Propump and Controls’ Osprey Pump Controller
By Habiba Rashid CISA's advisory came after the Macedonian cybersecurity firm Zero Science Lab discovered and reported the vulnerabilities to authorities. This is a post from HackRead.com Read the original post: CISA Warns of Vulnerabilities in Propump and Controls’ Osprey Pump Controller...
CVE-2023-28712
Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions...
CVE-2023-28718
Osprey Pump Controller version 1.01 allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website...
CVE-2023-28718
Osprey Pump Controller version 1.01 allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website...