Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
myscada

myPRO Runtime

1 Version 5 CVEs

Versions

0

SINGLE_NUMBER 5 CVEs

Recent CVEs

CVE-2024-50054

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.

HIGH Nov 22, 2024

CVE-2024-47138

The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.

CRITICAL Nov 22, 2024

CVE-2024-45369

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.

HIGH Nov 22, 2024

CVE-2024-52034

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.

CRITICAL Nov 22, 2024

CVE-2024-47407

A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.

CRITICAL Nov 22, 2024