mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
[
{
"vendor": "mySCADA Technologies",
"product": "mySCADA myPRO",
"versions": [
{
"status": "affected",
"version": "0",
"lessThanOrEqual": "8.26.0",
"versionType": "custom"
}
]
}
]