automatic module_metadata_base.json update

Author: jenkins-metasploit

db/modules_metadata_base.json

@@ -8822,6 +8822,50 @@
       }
     ]
   },
+  "auxiliary_admin/networking/thinmanager_traversal_upload": {
+    "name": "ThinManager Path Traversal (CVE-2023-27855) Arbitrary File Upload",
+    "fullname": "auxiliary/admin/networking/thinmanager_traversal_upload",
+    "aliases": [],
+    "rank": 300,
+    "disclosure_date": "2023-04-05",
+    "type": "auxiliary",
+    "author": [
+      "Michael Heinzl",
+      "Tenable"
+    ],
+    "description": "This module exploits a path traversal vulnerability (CVE-2023-27855 ) in ThinManager <= v13.0.1 to upload arbitrary files to the target system.\n\n          The affected service listens by default on TCP port 2031 and runs in the context of NT AUTHORITY\\SYSTEM.",
+    "references": [
+      "CVE-2023-27855 ",
+      "URL-https://www.tenable.com/security/research/tra-2023-13",
+      "URL-https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1138640"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 2031,
+    "autofilter_ports": [],
+    "autofilter_services": [],
+    "targets": null,
+    "mod_time": "2025-05-15 21:55:58 +0000",
+    "path": "/modules/auxiliary/admin/networking/thinmanager_traversal_upload.rb",
+    "is_install_path": true,
+    "ref_name": "admin/networking/thinmanager_traversal_upload",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false,
+    "actions": []
+  },
   "auxiliary_admin/networking/ubiquiti_config": {
     "name": "Ubiquiti Configuration Importer",
     "fullname": "auxiliary/admin/networking/ubiquiti_config",