Mypro Manager
by Scada Lts
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47407 | Cri | 0.74 | 10.0 | 0.64 | Nov 22, 2024 | A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. | ||
| CVE-2025-24865 | 0.08 | — | 0.07 | Feb 13, 2025 | The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password. | |||
| CVE-2025-22896 | 0.06 | — | 0.03 | Feb 13, 2025 | mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information. | |||
| CVE-2025-25067 | 0.00 | — | 0.02 | Feb 13, 2025 | mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands. | |||
| CVE-2025-23411 | 0.00 | — | 0.01 | Feb 13, 2025 | mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website. |
- risk 0.74cvss 10.0epss 0.64
A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.
- CVE-2025-24865Feb 13, 2025risk 0.08cvss —epss 0.07
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.
- CVE-2025-22896Feb 13, 2025risk 0.06cvss —epss 0.03
mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.
- CVE-2025-25067Feb 13, 2025risk 0.00cvss —epss 0.02
mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands.
- CVE-2025-23411Feb 13, 2025risk 0.00cvss —epss 0.01
mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website.