Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CVE-2023-28395
Vulnerability Description
Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. This may allow an attacker to hijack a session by predicting the session id and gain unauthorized access to the product.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
Osprey Pump Controller 安全特征问题漏洞
Vulnerability Description
Osprey Pump Controller是Osprey公司的一款泵控制器。 Osprey Pump Controller 1.01版本存在安全漏洞,该漏洞源于容易受到可预测的弱会话令牌生成算法的影响,并可能有助于绕过身份验证和授权。攻击者利用该漏洞可以通过预测会话ID劫持会话并获得对产品的未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A