Path Traversal Vulnerability in Rockwell Automation's ThinManager ThinServer

Path Traversal Vulnerability in Rockwell Automation's ThinManager ThinServer

CVE-2023-27856 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed.

Learn more about our Cis Benchmark Audit For Server Software.