Vulnerability Details CVE-2018-11311
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.429
EPSS Ranking 97.3%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- https://emreovunc.com/blog/en/mySCADA-myPRO7-Exploit.pdf
- https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password
- https://www.exploit-db.com/exploits/44656/
- https://emreovunc.com/blog/en/mySCADA-myPRO7-Exploit.pdf
- https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password
- https://www.exploit-db.com/exploits/44656/