Vulnerabilities > Myscada > Mypro

DATE CVE VULNERABILITY TITLE RISK
2024-07-02 CVE-2024-4708 Use of Hard-coded Credentials vulnerability in Myscada Mypro
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.
network
low complexity
myscada CWE-798
critical
 9.8
9.8
2023-04-27 CVE-2023-28384 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-28400 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-28716 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-29150 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-29169 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2022-08-24 CVE-2022-2234 OS Command Injection vulnerability in Myscada Mypro
An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.
network
low complexity
myscada CWE-78
8.8
8.8
2022-05-13 CVE-2021-27505 Information Exposure Through Directory Listing vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.
network
low complexity
myscada CWE-548
7.5
7.5
2022-05-13 CVE-2021-33005 Path Traversal vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories.
network
low complexity
myscada CWE-22
7.5
7.5
2022-05-13 CVE-2021-33009 Unrestricted Upload of File with Dangerous Type vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system.
network
low complexity
myscada CWE-434
7.5
7.5