Security Advisory

CVE-2023-28375

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-28 20:02:00

Last updated 2025-01-16 21:38:35

Assigner icscert

State PUBLISHED

Description

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.

← Browse all CVEs View on cve.org ↗