📦 Osprey Pump Controller Firmware

CVE-2023-28398 allows unauthenticated attackers to create accounts and bypass authentication on Osprey Pump Controller version 1.01, gaining unauthorized access to industrial control systems. This aff...

Osprey Pump Controller version 1.01 contains a hidden administrative account with a hardcoded password that cannot be changed, allowing full access to the web management interface. This affects all us...

CVE-2023-27394 is an unauthenticated OS command injection vulnerability in Osprey Pump Controller version 1.01 that allows attackers to execute arbitrary shell commands via HTTP GET parameters. This a...

CVE-2023-28718 is a Cross-Site Request Forgery (CSRF) vulnerability in Osprey Pump Controller version 1.01 that allows attackers to perform unauthorized actions with administrative privileges. An atta...

CVE-2023-28395 is a session token vulnerability in Osprey Pump Controller version 1.01 that allows attackers to predict session IDs and bypass authentication. This affects industrial control systems u...