automatic module_metadata_base.json update

Author: jenkins-metasploit

db/modules_metadata_base.json

@@ -8866,6 +8866,50 @@
     "needs_cleanup": false,
     "actions": []
   },
+  "auxiliary_admin/networking/thinmanager_traversal_upload2": {
+    "name": "ThinManager Path Traversal (CVE-2023-2917) Arbitrary File Upload",
+    "fullname": "auxiliary/admin/networking/thinmanager_traversal_upload2",
+    "aliases": [],
+    "rank": 300,
+    "disclosure_date": "2023-08-17",
+    "type": "auxiliary",
+    "author": [
+      "Michael Heinzl",
+      "Tenable"
+    ],
+    "description": "This module exploits a path traversal vulnerability (CVE-2023-2917) in ThinManager <= v13.1.0 to upload arbitrary files to the target system.\n\n          The affected service listens by default on TCP port 2031 and runs in the context of NT AUTHORITY\\SYSTEM.",
+    "references": [
+      "CVE-2023-2917 ",
+      "URL-https://www.tenable.com/security/research/tra-2023-28",
+      "URL-https://support.rockwellautomation.com/app/answers/answer_view/a_id/1140471"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 2031,
+    "autofilter_ports": [],
+    "autofilter_services": [],
+    "targets": null,
+    "mod_time": "2025-05-15 21:55:27 +0000",
+    "path": "/modules/auxiliary/admin/networking/thinmanager_traversal_upload2.rb",
+    "is_install_path": true,
+    "ref_name": "admin/networking/thinmanager_traversal_upload2",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false,
+    "actions": []
+  },
   "auxiliary_admin/networking/ubiquiti_config": {
     "name": "Ubiquiti Configuration Importer",
     "fullname": "auxiliary/admin/networking/ubiquiti_config",