The Rockwell Automation ThinManager ThinServer running on the remote host is affected by a path traversal vulnerability due to the lack of proper validation of user-supplied data. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to upload arbitrary files to the remote host.
Binary data rockwell_thinmanager_thinserver_cve-2023-27855.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
rockwellautomation | thinmanager | cpe:/a:rockwellautomation:thinmanager |