315 matches found
PT-2025-7040 · Myscada · Myscada Mypro Manager
Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information...
mySCADA myPRO 跨站请求伪造漏洞
mySCADA myPRO is a professional HMI/SCADA system from mySCADA designed for the visualization and control of industrial processes. A cross-site request forgery vulnerability exists in mySCADA myPRO that stems from not properly validating a request. An attacker could exploit this vulnerability to...
mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)
Unauthenticated Command Injection in MyPRO Manager use exploit/windows/scada/mypromgrcmd msf exploitmypromgrcmd show targets ...targets... msf exploitmypromgrcmd set TARGET msf exploitmypromgrcmd show options ...show and set options... msf exploitmypromgrcmd exploit class MetasploitModule 'mySCAD...
MySCADA MyPRO Manager 1.2 Command Injection
MySCADA MyPRO Manager versions 1.2 and below suffer from an unauthenticated command injection vulnerability. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of the myscada9 administrative user that is...
PT-2025-6965 · Myscada · Myscada Mypro Manager
Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: The issue is related to the storage of credentials in cleartext, which could allow an attacker to obtain sensitive information. This could potentially permit a remote attacker...
CVE-2025-20061
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
CVE-2025-20014
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
CVE-2025-20061 mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
CVE-2025-20061
CVE-2025-20061 affects mySCADA myPRO. Concrete details: an OS command injection vulnerability exists where POST requests to a specific port (web service on 34022 per ZDI entry) containing an email parameter can lead to arbitrary command execution. Root cause: inadequate sanitization/validation of...
CVE-2025-20014 mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
CVE-2025-20014 mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
CVE-2025-20014
CVE-2025-20014 affects mySCADA myPRO. A web service vulnerability allows unauthenticated POST requests (default port 34022) to inject commands due to improper input validation, enabling arbitrary code execution with root context. Affected by OS command injection via version information parameter;...
mySCADA myPRO 操作系统命令注入漏洞
mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly handle POST requests sent to a specific port...
mySCADA myPRO 操作系统命令注入漏洞
mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly neutralize a POST request with an email...
mySCADA PRO Manager Command Injection (CVE-2024-47407)
Binary data myscadaprocmdinjection.nbin...
mySCADA PRO Manager Detection
Binary data myscadapromanagerdetect.nbin...
The vulnerability in the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, allows a perpetrator to execute arbitrary code.
The vulnerability of the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this...
The vulnerability of the visualization and industrial process management system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the lack of authentication for a critical function, allowing attackers to bypass the authentication process.
The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of authentication for a critical function used in the operating system’s command interface. Exploiting this vulnerability could allow an attacker to bypass the...
mySCADA myPRO Manager Operating System Command Injection Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...
mySCADA myPRO Manager Authorization Issues Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authorization issue vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to resourc...