Lucene search
K

315 matches found

Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.3 views

PT-2025-7040 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information...

10CVSS9.7AI score0.06818EPSS
Exploits1References13
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.4 views

mySCADA myPRO 跨站请求伪造漏洞

mySCADA myPRO is a professional HMI/SCADA system from mySCADA designed for the visualization and control of industrial processes. A cross-site request forgery vulnerability exists in mySCADA myPRO that stems from not properly validating a request. An attacker could exploit this vulnerability to...

6.5CVSS6.6AI score0.00559EPSS
Exploits0References3
Metasploit
Metasploit
added 2025/02/11 6:55 p.m.304 views

mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)

Unauthenticated Command Injection in MyPRO Manager use exploit/windows/scada/mypromgrcmd msf exploitmypromgrcmd show targets ...targets... msf exploitmypromgrcmd set TARGET msf exploitmypromgrcmd show options ...show and set options... msf exploitmypromgrcmd exploit class MetasploitModule 'mySCAD...

10CVSS8.9AI score0.64168EPSS
Exploits4
Packet Storm
Packet Storm
added 2025/02/11 12:0 a.m.506 views

MySCADA MyPRO Manager 1.2 Command Injection

MySCADA MyPRO Manager versions 1.2 and below suffer from an unauthenticated command injection vulnerability. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of the myscada9 administrative user that is...

10CVSS9.9AI score0.64168EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2025/01/31 12:0 a.m.4 views

PT-2025-6965 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The issue is related to the storage of credentials in cleartext, which could allow an attacker to obtain sensitive information. This could potentially permit a remote attacker...

9.2CVSS8.4AI score0.03353EPSS
Exploits1References11
NVD
NVD
added 2025/01/29 8:15 p.m.20 views

CVE-2025-20061

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS0.01232EPSS
Exploits0References1
NVD
NVD
added 2025/01/29 8:15 p.m.14 views

CVE-2025-20014

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS0.01232EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/29 7:52 p.m.17 views

CVE-2025-20061 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS0.01232EPSS
Exploits0References1
CVE
CVE
added 2025/01/29 7:52 p.m.61 views

CVE-2025-20061

CVE-2025-20061 affects mySCADA myPRO. Concrete details: an OS command injection vulnerability exists where POST requests to a specific port (web service on 34022 per ZDI entry) containing an email parameter can lead to arbitrary command execution. Root cause: inadequate sanitization/validation of...

9.8CVSS9.7AI score0.01232EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/29 7:46 p.m.22 views

CVE-2025-20014 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS0.01232EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/29 7:46 p.m.12 views

CVE-2025-20014 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS9.7AI score0.01232EPSS
Exploits0References1
CVE
CVE
added 2025/01/29 7:46 p.m.54 views

CVE-2025-20014

CVE-2025-20014 affects mySCADA myPRO. A web service vulnerability allows unauthenticated POST requests (default port 34022) to inject commands due to improper input validation, enabling arbitrary code execution with root context. Affected by OS command injection via version information parameter;...

9.8CVSS9.8AI score0.01232EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.4 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly handle POST requests sent to a specific port...

9.8CVSS10AI score0.01232EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.5 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly neutralize a POST request with an email...

9.8CVSS10AI score0.01232EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/28 12:0 a.m.12 views

mySCADA PRO Manager Command Injection (CVE-2024-47407)

Binary data myscadaprocmdinjection.nbin...

10CVSS9.6AI score0.64168EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/01/28 12:0 a.m.3 views

mySCADA PRO Manager Detection

Binary data myscadapromanagerdetect.nbin...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.6 views

The vulnerability in the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, allows a perpetrator to execute arbitrary code.

The vulnerability of the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this...

10CVSS8.6AI score0.01232EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.6 views

The vulnerability of the visualization and industrial process management system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the lack of authentication for a critical function, allowing attackers to bypass the authentication process.

The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of authentication for a critical function used in the operating system’s command interface. Exploiting this vulnerability could allow an attacker to bypass the...

10CVSS5.5AI score0.00751EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager Operating System Command Injection Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.4AI score0.64168EPSS
Exploits4References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager Authorization Issues Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authorization issue vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to resourc...

9.2CVSS6.8AI score0.00568EPSS
Exploits0References1
Rows per page
Query Builder