cvedb.io
CVE-2023-28718
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2023-03-28T21:15:11.587 · Last modified 2026-06-17T05:48:37.680

Summary

Osprey Pump Controller version 1.01 allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website.

Affected products

propumpservice — osprey_pump_controller_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when propumpservice ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.