Critical severity9.8NVD Advisory· Published Jul 12, 2017· Updated Apr 30, 2026

CVE-2017-11165

Description

dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.

Affected products

Thermofisher/Dt80 Dex Firmware
cpe:2.3:o:thermofisher:dt80_dex_firmware:1.50.012:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/143328/DataTaker-DT80-dEX-1.50.012-Sensitive-Configuration-Exposure.htmlnvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/42313/nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.072
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000