9 matches found
CVE-2023-28384
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands...
mySCADA MyPRO Authenticated Command Injection Exploit
An authenticated command injection vulnerability exists in MyPRO versions 8.28.0 and below from mySCADA. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of NT AUTHORITY\SYSTEM. class MetasploitModule...
mySCADA MyPRO Authenticated Command Injection
class MetasploitModule 'mySCADA MyPRO Authenticated Command Injection CVE-2023-28384', 'Description' = %q Authenticated Command Injection in MyPRO MSFLICENSE, 'Author' = 'Michael Heinzl', Vulnerability discovery & MSF module 'References' = 'URL',...
mySCADA MyPRO Authenticated Command Injection (CVE-2023-28384)
Authenticated Command Injection in MyPRO use exploit/windows/scada/myprocmdexe msf exploitmyprocmdexe show targets ...targets... msf exploitmyprocmdexe set TARGET msf exploitmyprocmdexe show options ...show and set options... msf exploitmyprocmdexe exploit class MetasploitModule 'mySCADA MyPRO...
CVE-2023-28384
creationtimestamp| type| source ---|---|--- 2024-07-26 14:26:42+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/myprocmdexe.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:53+00:00| seen|...
CVE-2023-28384
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands...
CVE-2023-28384 CVE-2023-28384
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands...
CVE-2023-28384
CVE-2023-28384 affects mySCADA myPRO (versions 8.26.0 and earlier). An authenticated user can exploit parameters to inject arbitrary operating system commands, with the commands executed under NT AUTHORITY\SYSTEM. Public sources (including CISA ICS advisory) confirm remote exploitable OS command ...
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
The U.S. Cybersecurity and Infrastructure Security Agency CISA has published eight Industrial Control Systems ICS advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682 CVSS score: 9....