01642 06 11 11 Arrange Call

Path Traversal Vulnerability in Rockwell Automation's ThinManager ThinServer

CVE-2023-27856 · HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2023-27856

In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files on the disk drive where ThinServer.exe is installed.

Learn more about our Cis Benchmark Audit For Server Software.