287 matches found
CVE-2025-20014 mySCADA myPRO Manager OS Command Injection
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...
mySCADA myPRO 操作系统命令注入漏洞
mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly neutralize a POST request with an email...
mySCADA myPRO 操作系统命令注入漏洞
mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly handle POST requests sent to a specific port...
The vulnerability of the visualization and industrial process management system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the lack of authentication for a critical function, allowing attackers to bypass the authentication process.
The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of authentication for a critical function used in the operating system’s command interface. Exploiting this vulnerability could allow an attacker to bypass the...
mySCADA myPRO Manager Authorization Issues Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authorization issue vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to resourc...
mySCADA myPRO Manager OS Command Injection Vulnerability (CNVD-2024-46408)
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...
mySCADA myPRO Manager Operating System Command Injection Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...
mySCADA myPRO Manager Access Control Error Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An access control error vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to...
The vulnerability of the industrial process visualization and control system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the failure to take measures to neutralize special elements used in the operating system’s commands, allowing attackers to execute arbitrary operating system commands.
The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrar...
mySCADA myPRO Manager Directory Traversal Vulnerability
mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A directory traversal vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request to view the contents of a system fi...
CVE-2024-52034
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...
CVE-2024-50054 mySCADA myPRO Path Traversal
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...
CVE-2024-50054 mySCADA myPRO Path Traversal
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...
CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function
The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...
CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function
The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...
CVE-2024-45369 mySCADA myPRO Improper Authentication
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...
CVE-2024-45369 mySCADA myPRO Improper Authentication
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...
CVE-2024-52034
CVE-2024-52034 concerns the mySCADA myPRO Manager. A parameter in a command is not properly validated, enabling an unauthenticated remote attacker to inject arbitrary operating system commands (OS Command Injection). Public sources corroborate that the vulnerability affects the myPRO Manager and ...
CVE-2024-52034 mySCADA myPRO OS Command Injection
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...
CVE-2024-52034 mySCADA myPRO OS Command Injection
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...