Skip to main content

Thinmanager

16 CVEs product

Monthly

CVE-2025-9065 HIGH This Month

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell SSRF Thinmanager
NVD
CVSS 4.0
8.6
EPSS
0.0%
CVE-2025-3618 HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Rockwell Buffer Overflow Thinmanager
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2025-3617 HIGH This Week

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Rockwell Privilege Escalation Thinmanager
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2024-10387 HIGH This Week

CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Thinmanager
NVD
CVSS 4.0
8.7
EPSS
8.0%
CVE-2024-10386 CRITICAL Act Now

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Thinmanager
NVD
CVSS 4.0
9.3
EPSS
16.6%
CVE-2024-45826 HIGH This Week

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Thinmanager
NVD
CVSS 4.0
8.5
EPSS
11.2%
CVE-2024-7986 MEDIUM This Month

A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rockwell Thinmanager
NVD
CVSS 4.0
6.8
EPSS
0.6%
CVE-2024-5990 HIGH This Week

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Thinmanager Thinserver
NVD
CVSS 4.0
8.7
EPSS
2.3%
CVE-2024-5989 CRITICAL Act Now

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell SQLi Thinmanager Thinserver
NVD
CVSS 4.0
9.3
EPSS
2.4%
CVE-2024-5988 CRITICAL Act Now

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell Thinmanager Thinserver
NVD
CVSS 4.0
9.3
EPSS
2.7%
CVE-2023-2913 MEDIUM This Month

An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Rockwell Thinmanager
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2023-2443 HIGH This Week

Rockwell Automation ThinManager product allows the use of medium strength ciphers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Information Disclosure Thinmanager
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-27857 HIGH This Week

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Rockwell Thinmanager
NVD
CVSS 3.1
7.5
EPSS
18.3%
CVE-2023-27856 HIGH POC THREAT This Week

In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Path Traversal Thinmanager
NVD
CVSS 3.1
7.5
EPSS
76.1%
CVE-2023-27855 CRITICAL POC THREAT Act Now

In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell Path Traversal Thinmanager
NVD
CVSS 3.1
9.8
EPSS
13.5%
CVE-2022-38742 CRITICAL Act Now

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell RCE Heap Overflow Buffer Overflow Thinmanager
NVD
CVSS 3.1
9.8
EPSS
21.8%
EPSS 0% CVSS 8.6
HIGH This Month

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell SSRF Thinmanager
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Rockwell Buffer Overflow Thinmanager
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A privilege escalation vulnerability exists in the Rockwell Automation ThinManager. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Rockwell Privilege Escalation Thinmanager
NVD
EPSS 8% CVSS 8.7
HIGH This Week

CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Thinmanager
NVD
EPSS 17% CVSS 9.3
CRITICAL Act Now

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Thinmanager
NVD
EPSS 11% CVSS 8.5
HIGH This Week

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Thinmanager
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rockwell Thinmanager
NVD
EPSS 2% CVSS 8.7
HIGH This Week

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rockwell Thinmanager +1
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell SQLi +2
NVD
EPSS 3% CVSS 9.3
CRITICAL Act Now

Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell Thinmanager +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Rockwell Thinmanager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Rockwell Automation ThinManager product allows the use of medium strength ciphers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Information Disclosure Thinmanager
NVD
EPSS 18% CVSS 7.5
HIGH This Week

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Rockwell +1
NVD
EPSS 76% CVSS 7.5
HIGH POC THREAT This Week

In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Path Traversal Thinmanager
NVD
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Rockwell Path Traversal +1
NVD
EPSS 22% CVSS 9.8
CRITICAL Act Now

Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell RCE Heap Overflow +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy