Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

CNVD
CNVDadded 2017/12/20 12:0 a.m.2 views

BrightSign Digital Signage (4k242) Directory Traversal Vulnerability

The BrightSign Digital Signage 4k242 is a multimedia playback device from BrightSign USA. A directory traversal vulnerability exists in the BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier. An attacker can exploit the vulnerability by sending the 'rp' parameter to the...

9.8CVSS6.9AI score0.21264EPSS
Exploits3References1
Packet Storm
Packet Stormadded 2017/12/19 12:0 a.m.64 views

BrightSign Digital Signage XSS / Traversal / File Upload

Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below suffers from multiple...

0.21264EPSS
Exploits5
NVD
NVDadded 2017/12/18 6:29 a.m.11 views

CVE-2017-17738

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below allows renaming and modifying files via /tools.html...

7.5CVSS7.6AI score0.16154EPSS
Exploits3References2
OSV
OSVadded 2017/12/18 6:29 a.m.0 views

CVE-2017-17739

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files...

9.8CVSS5.8AI score0.21264EPSS
Exploits3References2
NVD
NVDadded 2017/12/18 6:29 a.m.12 views

CVE-2017-17739

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files...

9.8CVSS9.4AI score0.21264EPSS
Exploits3References2
Prion
Prionadded 2017/12/18 6:29 a.m.19 views

Code injection

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

4.3CVSS5.9AI score0.00339EPSS
Exploits3References2Affected Software1
CVE
CVEadded 2017/12/18 6:0 a.m.53 views

CVE-2017-17739

The CVE-2017-17739 entry concerns BrightSign Digital Signage (4k242) devices with firmware 6.2.63 and earlier. A directory traversal flaw exists in the /storage.html page via the rp parameter, enabling an unauthenticated attacker to read or write files on the device. Connected sources (CNVD-2018-...

9.8CVSS9.2AI score0.21264EPSS
Exploits3References2Affected Software1
Cvelist
Cvelistadded 2017/12/18 6:0 a.m.22 views

CVE-2017-17737

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

6.1AI score0.00339EPSS
Exploits3References2
CVE
CVEadded 2017/12/18 6:0 a.m.60 views

CVE-2017-17737

BrightSign Digital Signage (4k242) devices running firmware 6.2.63 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability in the REF parameter of /network_diagnostics.html and /storage_info.html. The issue originates from input not being validated, enabling injection that could le...

6.1CVSS5.9AI score0.00339EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder