Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
propumpservice osprey_pump_controller_firmware 1.01 |