Security Advisory

CVE-2023-27394

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-28 20:05:21

Last updated 2025-01-16 21:38:12

Assigner icscert

State PUBLISHED

Description

Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts.

← Browse all CVEs View on cve.org ↗