Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2023-27394
Vulnerability Description
Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Osprey Pump Controller 操作系统命令注入漏洞
Vulnerability Description
Osprey Pump Controller是Osprey公司的一款泵控制器。 Osprey Pump Controller 1.01版本存在安全漏洞,该漏洞源于存在操作系统命令注入漏洞。攻击者利用该漏洞可以通过DataLogView.php、EventsView.php和AlarmsView.php脚本注入和执行任意shell命令。
CVSS Information
N/A
Vulnerability Type
N/A