124 matches found
CVE-2023-28375 CVE-2023-28375
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information...
EUVD-2023-32071
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information...
CVE-2023-28395
CVE-2023-28395 affects Osprey Pump Controller version 1.01. The vulnerability stems from a weak, low-entropy session token generation algorithm, enabling session ID predictability and potential authentication/authorization bypass, which could allow an attacker to hijack a session and gain unautho...
CVE-2023-28395 CVE-2023-28395
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. This may allow an attacker to hijack a session by predicting the session id and gain unauthorized access to the product...
CVE-2023-28395 CVE-2023-28395
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. This may allow an attacker to hijack a session by predicting the session id and gain unauthorized access to the product...
PT-2023-7104 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to the use of hardcoded credentials in the Osprey Pump Controller software. This allows a remote attacker to gain full access to the web management interface configuration...
PT-2023-7387 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue exists due to inadequate protection of the web page structure, allowing a remote attacker to execute arbitrary code. Specifically, inputs passed to a GET parameter are not properly...
PT-2023-8672 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to the lack of verification for HTTP requests, which may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious...
PT-2023-8669 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to the disclosure of information via query strings, allowing a remote attacker to reveal protected information. Using a GET parameter, attackers can disclose arbitrary file...
Osprey Pump Controller 安全漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01. An attacker can exploit this vulnerability to obtain arbitrary files and sensitive system information from an affected device using GET parameters...
Osprey Pump Controller 安全特征问题漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01 that stems from vulnerability to a predictable and weak session token generation algorithm and could facilitate bypassing authentication and authorization. An attacker...
Osprey Pump Controller 命令注入漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01 that stems from the presence of a command injection vulnerability. An attacker can exploit the vulnerability to gain access to the system...
Osprey Pump Controller 信任管理问题漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01 that stems from the use of hard-coded passwords, which can be exploited by an attacker to gain full access to the web management interface configuration...
Osprey Pump Controller 操作系统命令注入漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from the presence of an operating system command injection vulnerability. An attacker can exploit this vulnerability to inject and execute arbitrary shell...
Osprey Pump Controller 操作系统命令注入漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from an operating system command injection vulnerability. The vulnerability can be exploited to inject and execute arbitrary shell commands via the index.ph...
Osprey Pump Controller 跨站请求伪造漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01. An unauthorized attacker could exploit this vulnerability to perform operations with administrative privileges...
Osprey Pump Controller 授权问题漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from the use of an alternate path or channel to bypass authentication, and can be exploited by an attacker to gain unauthorized access to the system...
Osprey Pump Controller 跨站脚本漏洞
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from input that is not properly filtered before being returned to the user. An attacker could exploit this vulnerability to execute arbitrary HTML/JS code...
ProPump and Controls Osprey Pump Controller (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : ProPump and Controls, Inc. Equipment : Osprey Pump Controller Vulnerabilities: Insufficient Entropy, Use of GET Request Method with Sensitive Query Strings, Use...
PT-2023-7478 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue exists due to the failure to neutralize special elements in the DataLogView.php, EventsView.php, and AlarmsView.php scripts of the Osprey Pump Controller software. This allows a remot...