Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Rockwell Automation ThinManager Software Vulnerable to Arbitrary Code Execution and Denial-Of-Service Attack
Vulnerability Description
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Rockwell Automation ThinManager 缓冲区错误漏洞
Vulnerability Description
Rockwell Automation ThinManager是美国Rockwell Automation公司的一款瘦客户端管理软件。允许将瘦客户端同时分配给多个远程桌面服务器。 Rockwell Automation ThinManager 11.0.0版本至13.0.0版本存在安全漏洞,该漏洞源于易受基于堆的缓冲区溢出攻击。攻击者利用该漏洞可以发送特制的TFTP或HTTPS请求,导致基于堆的缓冲区溢出,从而使ThinServer进程崩溃。
CVSS Information
N/A
Vulnerability Type
N/A