Vulnerabilities > Myscada > Mypro > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-27 CVE-2023-28384 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
2023-04-27 CVE-2023-28400 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
2023-04-27 CVE-2023-28716 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
2023-04-27 CVE-2023-29150 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
2023-04-27 CVE-2023-29169 OS Command Injection vulnerability in Myscada Mypro
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
network
low complexity
myscada CWE-78
8.8
2022-08-24 CVE-2022-2234 OS Command Injection vulnerability in Myscada Mypro
An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.
network
low complexity
myscada CWE-78
8.8
2022-05-13 CVE-2021-27505 Information Exposure Through Directory Listing vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.
network
low complexity
myscada CWE-548
7.5
2022-05-13 CVE-2021-33005 Path Traversal vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories.
network
low complexity
myscada CWE-22
7.5
2022-05-13 CVE-2021-33009 Unrestricted Upload of File with Dangerous Type vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system.
network
low complexity
myscada CWE-434
7.5
2022-05-13 CVE-2021-33013 Missing Authorization vulnerability in Myscada Mypro 7/7.0.26
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information.
network
low complexity
myscada CWE-862
7.5