Osprey Pump Controller 1.0.1 userName Command Injection
Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS
command injection vulnerability. This can be exploited to inject and
execute arbitrary shell commands through the userName HTTP POST parameter called by index.php script.
https://packetstormsecurity.com/files/171177/ZSL-2023-5749.txt
Tue, 28 Feb 2023 17:12:21 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com (2:467/4.444)