Lucene search
+L

287 matches found

Vulnrichment
Vulnrichment
added 2025/01/29 7:46 p.m.12 views

CVE-2025-20014 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system...

9.8CVSS9.7AI score0.01232EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.5 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly neutralize a POST request with an email...

9.8CVSS10AI score0.01232EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/29 12:0 a.m.6 views

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system from mySCADA, Inc. designed for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO that stems from an inability to properly handle POST requests sent to a specific port...

9.8CVSS10AI score0.01232EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.8 views

The vulnerability of the visualization and industrial process management system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the lack of authentication for a critical function, allowing attackers to bypass the authentication process.

The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of authentication for a critical function used in the operating system’s command interface. Exploiting this vulnerability could allow an attacker to bypass the...

10CVSS5.5AI score0.00751EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager Authorization Issues Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An authorization issue vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to resourc...

9.2CVSS6.8AI score0.00568EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager OS Command Injection Vulnerability (CNVD-2024-46408)

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.4AI score0.01697EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.10 views

mySCADA myPRO Manager Operating System Command Injection Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

10CVSS7.4AI score0.64168EPSS
Exploits4References1
CNVD
CNVD
added 2024/11/25 12:0 a.m.8 views

mySCADA myPRO Manager Access Control Error Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An access control error vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request for unauthorized access to...

9.8CVSS6.8AI score0.00751EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.7 views

The vulnerability of the industrial process visualization and control system mySCADA myPRO Runtime and the mySCADA myPRO Manager lies in the failure to take measures to neutralize special elements used in the operating system’s commands, allowing attackers to execute arbitrary operating system commands.

The vulnerability of the industrial process visualization and control systems mySCADA myPRO and mySCADA myPRO Manager lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrar...

10CVSS8.3AI score0.01697EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2024/11/25 12:0 a.m.13 views

mySCADA myPRO Manager Directory Traversal Vulnerability

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. A directory traversal vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to submit a special request to view the contents of a system fi...

8.7CVSS6.6AI score0.00684EPSS
Exploits0References1
NVD
NVD
added 2024/11/22 11:15 p.m.23 views

CVE-2024-52034

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS0.01697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:22 p.m.10 views

CVE-2024-50054 mySCADA myPRO Path Traversal

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...

8.7CVSS7.2AI score0.00684EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:22 p.m.19 views

CVE-2024-50054 mySCADA myPRO Path Traversal

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system...

8.7CVSS0.00684EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:19 p.m.8 views

CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function

The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...

9.8CVSS7.5AI score0.00751EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:19 p.m.17 views

CVE-2024-47138 mySCADA myPRO Missing Authentication for Critical Function

The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed...

9.8CVSS0.00751EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:18 p.m.9 views

CVE-2024-45369 mySCADA myPRO Improper Authentication

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...

9.2CVSS7AI score0.00568EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:18 p.m.22 views

CVE-2024-45369 mySCADA myPRO Improper Authentication

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource...

9.2CVSS0.00568EPSS
Exploits0References1
CVE
CVE
added 2024/11/22 10:15 p.m.56 views

CVE-2024-52034

CVE-2024-52034 concerns the mySCADA myPRO Manager. A parameter in a command is not properly validated, enabling an unauthenticated remote attacker to inject arbitrary operating system commands (OS Command Injection). Public sources corroborate that the vulnerability affects the myPRO Manager and ...

10CVSS9.8AI score0.01697EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 10:15 p.m.15 views

CVE-2024-52034 mySCADA myPRO OS Command Injection

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS7.6AI score0.01697EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 10:15 p.m.21 views

CVE-2024-52034 mySCADA myPRO OS Command Injection

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands...

10CVSS0.01697EPSS
Exploits0References1
Rows per page
Query Builder