CVE-2023-2915
Severity: HIGH
ThinManager Path Traversal (CVE-2023-2915) Arbitrary File Delete
Title source: metasploit
Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-2915.
PoCs published by Michael Heinzl, Tenable, including Metasploit module auxiliary/admin/networking/thinmanager_traversal_delete.
AI-analyzed exploit summary
This Metasploit module exploits CVE-2023-2915, a path traversal vulnerability in ThinManager <= v13.1.0, allowing arbitrary file deletion via a crafted request to TCP port 2031. The exploit constructs a traversal path and sends a delete request to the target system.
Description
The Rockwell Automation ThinManager ThinServer is affected by an improper input validation vulnerability: when the ThinManager software processes a certain function it does not validate a supplied path, so a path traversal vulnerability exists. An unauthenticated remote threat actor can exploit it by sending a specifically crafted synchronization protocol message and delete arbitrary files with system privileges, which can result in a denial-of-service condition.
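As an added illustration of the defect class the description names (this is not ThinManager's code or the Metasploit module), the Python below contrasts an unchecked join of a client-supplied file name with a version that canonicalises the path and confirms it stays inside the directory the service owns. The directory layout, file names and the `vulnerable_delete_path`/`resolve_contained`/`safe_delete` helpers are constructed for the demo and are assumptions, not details of the product.

```python
import os
import re
import tempfile

# Added example, not ThinManager or Metasploit code: a file-delete handler
# that takes a client-supplied name, shown once the way a traversal bug
# arises and once with the containment check that bug lacks. Directory and
# file names below are constructed for the demo, not taken from the product.

_DRIVE_RE = re.compile(r"^[A-Za-z]:")        # Windows drive prefix, e.g. C:\


class TraversalError(ValueError):
    """Raised when a client-supplied name would leave the base directory."""


def vulnerable_delete_path(base_dir: str, client_name: str) -> str:
    # Trusts the client name outright: "../" segments walk out of base_dir.
    # This is the defect class the advisory describes, not its exact code.
    return os.path.normpath(os.path.join(base_dir, client_name))


def resolve_contained(base_dir: str, client_name: str) -> str:
    """Return the absolute path of client_name inside base_dir, or raise."""
    # The product runs on Windows, so treat backslashes as separators too;
    # on a POSIX host os.path would otherwise keep "..\\x" as one file name.
    name = client_name.replace("\\", "/")
    if not name or name.startswith("/") or _DRIVE_RE.match(name):
        raise TraversalError(f"absolute or empty name rejected: {client_name!r}")
    root = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks, so a link planted inside
    # base_dir that points outside it is caught as well.
    candidate = os.path.realpath(os.path.join(root, name))
    # commonpath (not startswith) rejects the "/data" vs "/data2" prefix trick.
    if candidate == root or os.path.commonpath([root, candidate]) != root:
        raise TraversalError(f"{client_name!r} escapes {base_dir!r}")
    return candidate


def safe_delete(base_dir: str, client_name: str) -> bool:
    """Delete the named file only if it resolves inside base_dir."""
    target = resolve_contained(base_dir, client_name)
    if not os.path.isfile(target):
        return False
    os.remove(target)
    return True


def demo() -> dict:
    """Exercise both handlers against a constructed directory layout."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "sync")          # the directory the service owns
        os.mkdir(base)
        victim = os.path.join(tmp, "victim.txt")  # a file outside it
        with open(victim, "w") as f:
            f.write("do not delete\n")
        with open(os.path.join(base, "ok.bin"), "w") as f:
            f.write("owned by the service\n")
        os.symlink(victim, os.path.join(base, "escape"))   # planted link

        # The unchecked join happily points at the file outside base.
        results["vuln_points_outside"] = (
            vulnerable_delete_path(base, "../victim.txt") == os.path.normpath(victim)
        )
        # The checked version refuses traversal, backslash traversal, the
        # planted link, an empty name and an absolute path.
        for bad in ("../victim.txt", "..\\victim.txt", "escape", "", "/etc/passwd"):
            try:
                resolve_contained(base, bad)
                results[bad] = "allowed"
            except TraversalError:
                results[bad] = "rejected"
        # A legitimate name still works, and the file really goes away.
        results["deleted_ok"] = safe_delete(base, "ok.bin")
        results["victim_intact"] = os.path.exists(victim)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key!r}: {value}")
```

The check deliberately works on the canonical path rather than on the string: rejecting `..` substrings alone misses backslash separators, symlinks and prefix collisions, which is why `realpath` plus `commonpath` is used.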
Exploits (1)
auxiliary/admin/networking/thinmanager_traversal_delete (Metasploit module; credited to Michael Heinzl, Tenable). Unauthenticated, targets TCP port 2031 on ThinManager <= v13.1.0, sends a crafted delete request containing a traversal path.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base score 7.5, High: network-reachable, low complexity, no privileges or user interaction; the vector scores the arbitrary file deletion as an availability impact only)