mySCADA PRO Manager Command Injection (CVE-2024-47407)

critical Nessus Plugin ID 214704

Version 1.18 Nov 3, 2025, 9:25 PM Logic Changes (Corrects handling base64 encoded HTTP cookies) Plugin Feed: 202511032125
Version 1.17 Oct 27, 2025, 3:15 PM Logic Changes (Gate HTTP debugging behind hidden preference) Plugin Feed: 202510271515
Version 1.16 Oct 23, 2025, 3:11 AM Logic Changes (Fix HTTP/1 library to make sure it closes unused Keep-Alive connections) Plugin Feed: 202510230311
Version 1.14 Oct 16, 2025, 4:39 PM Logic Changes (Implement workaround in HTTP library to prevent triggering an engine bug.) Plugin Feed: 202510161639
Version 1.12 Oct 1, 2025, 9:12 PM Logic Changes (Adding support for user-supplied header added to all HTTP requests.) Plugin Feed: 202510012112
Version 1.11 Sep 30, 2025, 12:41 AM Logic Changes (Add extra checks to see whether plugins should run. Modernisation of the HTTP/1 library. Various corrections and fixes for CPE related Flatline Test Failures. Remove spurious authentication header.) Plugin Feed: 202509300041
Version 1.9 Jul 15, 2025, 2:39 AM Logic Changes Plugin Feed: 202507150239
Version 1.8 Jul 10, 2025, 5:41 PM Logic Changes (Windows CA support) Plugin Feed: 202507101741
Version 1.7 Feb 12, 2025, 3:29 PM Logic Changes Plugin Feed: 202502121529
Version 1.6 Feb 12, 2025, 1:58 AM Logic Changes Plugin Feed: 202502120158
Version 1.4 Feb 10, 2025, 4:00 PM Logic Changes Plugin Feed: 202502101600
Version 1.2 Jan 29, 2025, 9:47 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") Exploit attributes ("Exploitability ease" set to "Exploits are available") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Plugin Feed: 202501290947
Version 1.1 Jan 28, 2025, 2:39 PM New Plugin Feed: 202501281439

* Changelogs are generally available for changes made after Nov 1, 2022