漏洞标题
Rockwell Automation ThinManager Thinserver Software 受输入验证漏洞影响
漏洞描述信息
罗克韦尔自动化ThinManager Thinserver软件存在输入验证漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
Rockwell Automation ThinManager Thinserver Software Vulnerable to Input Validation Vulnerability
漏洞描述信息
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
输入验证不恰当
漏洞标题
Rockwell Automation ThinManager 路径遍历漏洞
漏洞描述信息
Rockwell Automation ThinManager是美国罗克韦尔(Rockwell Automation)公司的一款瘦客户端管理软件。允许将瘦客户端同时分配给多个远程桌面服务器。 Rockwell Automation Thinmanager Thinserver存在安全漏洞,该漏洞源于filename字段存在路径遍历漏洞。攻击者可利用该漏洞将任意文件上传到磁盘驱动器上的任何目录。
CVSS信息
N/A
漏洞类别
路径遍历