Vulnerabilities > Myscada > Mypro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-13 | CVE-2021-27505 | Information Exposure Through Directory Listing vulnerability in Myscada Mypro 7/7.0.26 mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information. | 5.0 |
| 2022-05-13 | CVE-2021-33005 | Path Traversal vulnerability in Myscada Mypro 7/7.0.26 mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories. | 5.0 |
| 2022-05-13 | CVE-2021-33009 | Unrestricted Upload of File with Dangerous Type vulnerability in Myscada Mypro 7/7.0.26 mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system. | 5.0 |
| 2018-05-28 | CVE-2018-11517 | Information Exposure vulnerability in Myscada Mypro 7.0 mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010. | 5.0 |
| 2018-05-20 | CVE-2018-11311 | Use of Hard-coded Credentials vulnerability in Myscada Mypro 7.0 A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. | 6.4 |