module
mySCADA myPRO Manager Unauthenticated Command Injection (CVE-2024-47407)
| Disclosed |
|---|
| Nov 21, 2024 |
Disclosed
Nov 21, 2024
Description
Unauthenticated Command Injection in MyPRO Manager The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of the myscada9 administrative user that is automatically added by the product.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.