Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mypro
(Myscada)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-04-27 | CVE-2023-29150 | mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. | Mypro | 8.8 | ||
| 2023-04-27 | CVE-2023-29169 | mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. | Mypro | 8.8 | ||
| 2021-12-23 | CVE-2021-43989 | mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes. | Mypro | 7.5 | ||
| 2021-12-23 | CVE-2021-43985 | An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-43987 | An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-44453 | mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping utility, which may allow an attacker to inject arbitrary operating system commands. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-43984 | mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-22657 | mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-43981 | mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | Mypro | 9.8 | ||
| 2021-12-23 | CVE-2021-23198 | mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | Mypro | 9.8 |