CVE-2017-11165

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
12/07/2017
Last modified:
17/06/2026

Description

dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:thermofisher:dt80_dex_firmware:1.50.012:*:*:*:*:*:*:*
cpe:2.3:h:thermofisher:dt80_dex:-:*:*:*:*:*:*:*