VYPR

myPRO

by Scada Lts

CVEs (25)

  • CVE-2021-33009HigMay 13, 2022
    risk 0.49cvss 7.5epss 0.01

    mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system.

  • CVE-2021-33005HigMay 13, 2022
    risk 0.49cvss 7.5epss 0.01

    mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories.

  • CVE-2021-27505HigMay 13, 2022
    risk 0.49cvss 7.5epss 0.01

    mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.

  • CVE-2021-43989HigDec 23, 2021
    risk 0.49cvss 7.5epss 0.01

    mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes.

  • CVE-2018-11517MedMay 28, 2018
    risk 0.35cvss 5.3epss 0.02

    mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010.

Page 2 of 2