Lucene search
K

315 matches found

CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager OS Command Injection Vulnerability (CNVD-2024-46408)

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.4AI score0.01697EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.7 views

mySCADA myPRO Manager Access Control Error Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An access control error vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to...

9.8CVSS6.8AI score0.00751EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.11 views

mySCADA myPRO Manager Directory Traversal Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A directory traversal vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request to view the contents of a system fi...

8.7CVSS6.6AI score0.00684EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.5 views

The vulnerability of the industrial process visualization and control system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the failure to take measures to neutralize special elements used in the operating system’s commands, allowing attackers to execute arbitrary operating system commands.

The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

10CVSS8.3AI score0.01697EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2024/11/22 10:22 p.m.16 views

CVE-2024-50054 mySCADA myPRO Path Traversal

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...

8.7CVSS0.00684EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:22 p.m.10 views

CVE-2024-50054 mySCADA myPRO Path Traversal

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...

8.7CVSS7.2AI score0.00684EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:19 p.m.8 views

CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function

The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...

9.8CVSS7.5AI score0.00751EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:19 p.m.15 views

CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function

The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...

9.8CVSS0.00751EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:18 p.m.21 views

CVE-2024-45369 mySCADA myPRO Improper Authentication

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...

9.2CVSS0.00568EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:18 p.m.9 views

CVE-2024-45369 mySCADA myPRO Improper Authentication

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...

9.2CVSS7AI score0.00568EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:15 p.m.19 views

CVE-2024-52034 mySCADA myPRO OS Command Injection

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS0.01697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:15 p.m.15 views

CVE-2024-52034 mySCADA myPRO OS Command Injection

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS7.6AI score0.01697EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:15 p.m.20 views

CVE-2024-47407 mySCADA myPRO OS Command Injection

A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS0.64168EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:15 p.m.18 views

CVE-2024-47407 mySCADA myPRO OS Command Injection

A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS7.2AI score0.64168EPSS
Exploits4References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.3 views

mySCADA myPRO 访问控制错误漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An access control error vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to...

9.8CVSS6.8AI score0.00751EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.6AI score0.01697EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.5 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.6AI score0.64168EPSS
Exploits4References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.1 views

mySCADA myPRO 授权问题漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authorization issue vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to resourc...

9.2CVSS6.8AI score0.00568EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

mySCADA myPRO 安全漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A directory traversal vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request to view the contents of a system fi...

8.7CVSS6.6AI score0.00684EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.3 views

PT-2024-31583 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource. Recommendations: At the moment, ther...

9.2CVSS7AI score0.00568EPSS
Exploits0References5
Rows per page
Query Builder