Security Advisory

CVE-2023-27886

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-28 20:04:07

Last updated 2025-01-16 21:38:19

Assigner icscert

State PUBLISHED

Description

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter called by index.php script.

← Browse all CVEs View on cve.org ↗