CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27886

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter called by index.php script.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06
https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06

Products affected by CVE-2023-27886

Propumpservice » Osprey Pump Controller » Version: N/A

cpe:2.3:h:propumpservice:osprey_pump_controller:-
Propumpservice » Osprey Pump Controller Firmware » Version: 1.01

cpe:2.3:o:propumpservice:osprey_pump_controller_firmware:1.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27886

Products

Pricing

Contact Us