Lucene search
China National Vulnerability DatabaseCNVD-2023-91235HistoryAug 19, 2023 - 12:00 a.m.
Rockwell Automation ThinManager ThinServer Input Validation Error Vulnerability
2023-08-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
rockwell automation thinmanager
thinserver
input validation
security vulnerability
file deletion
system privileges
attack exploitation
Rockwell Automation ThinManager is a thin client management software from Rockwell Automation, Inc. It allows thin clients to be assigned to multiple remote desktop servers at the same time. An input validation error vulnerability exists in Rockwell Automation ThinManager ThinServer, which can be exploited by an attacker to send a specially crafted request containing a “dot dot” sequence (/… /…) can be exploited to send a specially crafted request containing a “dot dot” sequence (/…) to delete an arbitrary file with system privileges.
Related
cve
cve
CVE-2023-2915
2023-08-17 16:15:09
nvd
nvd
CVE-2023-2915
2023-08-17 16:15:09
prion
prion
Path traversal
2023-08-17 16:15:00
cvelist
cvelist
ics
ics
Rockwell Automation ThinManager ThinServer
2023-08-22 12:00:00