EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure

Releases0

Stars4

CVE-2018-11517 | mySCADA myPRO v7.0.46 has another vulnerability to discover all projects in the system.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-11517 ↗	May 28, 2018Monday, 28 May 2018, 16:29	—	5 MEDIUM
mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010.