CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28375

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.093

EPSS Ranking 92.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06
https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-06

Products affected by CVE-2023-28375

Propumpservice » Osprey Pump Controller » Version: N/A

cpe:2.3:h:propumpservice:osprey_pump_controller:-
Propumpservice » Osprey Pump Controller Firmware » Version: 1.01

cpe:2.3:o:propumpservice:osprey_pump_controller_firmware:1.01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28375

Products

Pricing

Contact Us