Rockwell Automation ThinManager ThinServer Path Traversal File Upload (CVE-2023-2917)

Binary data rockwellthinmanagerthinservercve-2023-2917.nbin...

CVE-2023-2917

creationtimestamp| type| source ---|---|--- 2023-08-17 20:37:33+00:00| seen| https://t.me/cibsecurity/68770 2025-06-04 21:56:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/thinmanagertraversalupload2.rb 2025-06-05 21:02:22+00:00| seen...

CVE-2023-2917

The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote...

CVE-2023-2917

Rockwell Automation ThinManager ThinServer is affected by CVE-2023-2917, a path traversal vulnerability caused by improper input validation in the filename field. An unauthenticated remote attacker could upload arbitrary files to any directory on the disk where ThinServer.exe runs, potentially en...