HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2021-27505

CVSS 7.5v3.1pub. 2022-05-13upd. 2024-11-21

mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Myscada Mypro

    APP
    Myscada
    < 8.20.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-25067CRITICAL9.3PL ✓ten sam produkt

Command Injection w mySCADA myPRO Manager — zdalne wykonanie poleceń OS

CVE-2025-24865CRITICAL10.0PL ✓ten sam produkt

Brak uwierzytelnienia w panelu administracyjnym mySCADA myPRO Manager

CVE-2025-22896CRITICAL9.2PL ✓ten sam produkt

mySCADA myPRO Manager — przechowywanie poświadczeń w postaci jawnej (cleartext)

CVE-2024-4708CRITICAL9.3PL ✓ten sam produkt

mySCADA myPRO — hardcoded password umożliwiający zdalne wykonanie kodu

CVE-2022-2234CRITICAL9.9ten sam produkt

An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the op...