PT-2017-11950 · Datataker · Datataker Dt8X Dex
Ku7
·
Published
2017-07-17
·
Updated
2026-04-30
·
CVE-2017-11349
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
dataTaker DT8x dEX version 1.72.007
Description
The issue allows remote attackers to compose programs or schedules. This can be used for various purposes, including sending e-mail messages or making outbound connections to FTP servers for uploading data.
Recommendations
For version 1.72.007, consider restricting access to the scheduling functionality to prevent unauthorized composition of programs or schedules until a fix is available.
Exploit
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Datataker Dt8X Dex