Vulnerabilities > Myscada > Mypro > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-27 CVE-2023-28384 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-28400 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-28716 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-29150 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2023-04-27 CVE-2023-29169 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
8.8
2022-08-24 CVE-2022-2234 OS Command Injection vulnerability in Myscada Mypro
An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.
network
low complexity
myscada CWE-78
8.8
8.8
2022-05-13 CVE-2021-33013 Missing Authorization vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information.
network
low complexity
myscada CWE-862
7.5
7.5
2021-12-23 CVE-2021-22657 OS Command Injection vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
network
low complexity
myscada CWE-78
7.5
7.5
2021-12-23 CVE-2021-23198 OS Command Injection vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
network
low complexity
myscada CWE-78
7.5
7.5
2021-12-23 CVE-2021-43981 OS Command Injection vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.
network
low complexity
myscada CWE-78
7.5
7.5