CVE-2023-27886

CVSS 9.8 · Critical EPSS 2.01% · P84 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-27886

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

CVE-2023-27886

Source: NVD (National Vulnerability Database)

Vulnerability Description

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter called by index.php script.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Osprey Pump Controller 操作系统命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Osprey Pump Controller是Osprey公司的一款泵控制器。 Osprey Pump Controller 1.01版本存在安全漏洞，该漏洞源于存在操作系统命令注入漏洞。攻击者利用该漏洞可以通过index.php脚本注入和执行任意shell命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
ProPump and Controls, Inc.	Osprey Pump Controller	1.01	-

II. Public POCs for CVE-2023-27886

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-27886

请登录查看更多情报信息。

Same Patch Batch · ProPump and Controls, Inc. · 2023-03-28 · 9 CVEs total

CVE-2023-27394	9.8 CRITICAL	CVE-2023-27394
CVE-2023-28398	9.8 CRITICAL	CVE-2023-28398
CVE-2023-28654	9.8 CRITICAL	CVE-2023-28654
CVE-2023-28395	8.3 HIGH	CVE-2023-28395
CVE-2023-28712	8.2 HIGH	CVE-2023-28712
CVE-2023-28375	7.5 HIGH	CVE-2023-28375
CVE-2023-28648	7.5 HIGH	CVE-2023-28648
CVE-2023-28718	7.1 HIGH	CVE-2023-28718

IV. Related Vulnerabilities

Same product: Osprey Pump Controller

Same vendor: ProPump and Controls, Inc.

V. Comments for CVE-2023-27886

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-27886

I. Basic Information for CVE-2023-27886

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-27886

III. Intelligence Information for CVE-2023-27886

Same Patch Batch · ProPump and Controls, Inc. · 2023-03-28 · 9 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-27886

Leave a comment