Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-11165 PoC — Thermo Fisher Scientific Thermo Fisher Scientific dataTaker DT80 dEX 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-11165.yaml
Associated Vulnerability
Title:Thermo Fisher Scientific Thermo Fisher Scientific dataTaker DT80 dEX 安全漏洞 (CVE-2017-11165)
Description:Thermo Fisher Scientific dataTaker DT80 dEX是澳大利亚Thermo Fisher Scientific公司的一款数据采集记录器。 Thermo Fisher Scientific dataTaker DT80 dEX 1.50.012版本中存在安全漏洞。远程攻击者可利用该漏洞获取敏感证书和配置信息。
Description
DataTaker DT80 dEX 1.50.012 is susceptible to information disclosure. A remote attacker can obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI, thereby possibly accessing sensitive information, modifying data, and/or executing unauthorized operations.
File Snapshot

 id: CVE-2017-11165

info:
  name: DataTaker DT80 dEX 1.50.012 - Information Disclosure
  author: the

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.