Unrated severityNVD Advisory· Published Mar 21, 2023· Updated Feb 25, 2025
Rockwell Automation ThinManager ThinServer Path Traversal Upload
CVE-2023-27855
Description
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. The attacker could overwrite existing executable files with attacker-controlled, malicious contents, potentially causing remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 6.x - 10.x
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.