Subscribe via feed.

Osprey Pump Controller 1.0.1 userName Command Injection

Posted by deepcore on March 1, 2023 – 7:34 am

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the userName HTTP POST parameter called by index.php script.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.