漏洞标题
Rockwell Automation ThinManager 软件可遭受任意代码执行和拒绝服务攻击
漏洞描述信息
Rockwell Automation ThinManager软件存在任意代码执行和拒绝服务攻击漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack
漏洞描述信息
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
堆缓冲区溢出
漏洞标题
Rockwell Automation ThinManager 缓冲区错误漏洞
漏洞描述信息
Rockwell Automation ThinManager是美国Rockwell Automation公司的一款瘦客户端管理软件。允许将瘦客户端同时分配给多个远程桌面服务器。 Rockwell Automation ThinManager 11.0.0版本至13.0.0版本存在安全漏洞,该漏洞源于易受基于堆的缓冲区溢出攻击。攻击者利用该漏洞可以发送特制的TFTP或HTTPS请求,导致基于堆的缓冲区溢出,从而使ThinServer进程崩溃。
CVSS信息
N/A
漏洞类别
缓冲区错误