VYPR

Mypro Manager

by Scada Lts

CVEs (5)

  • CVE-2024-47407CriNov 22, 2024
    risk 0.74cvss 10.0epss 0.64

    A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.

  • CVE-2025-24865Feb 13, 2025
    risk 0.08cvss epss 0.07

    The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.

  • CVE-2025-22896Feb 13, 2025
    risk 0.06cvss epss 0.03

    mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.

  • CVE-2025-25067Feb 13, 2025
    risk 0.00cvss epss 0.02

    mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands.

  • CVE-2025-23411Feb 13, 2025
    risk 0.00cvss epss 0.01

    mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website.