Lucene search
+L

7 matches found

NVD
NVD
added 2026/06/26 11:17 p.m.16 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.8CVSS0.00459EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 10:52 p.m.40 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 10:52 p.m.20 views

CVE-2026-31928

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

9.8CVSS5.8AI score0.00569EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:52 p.m.7 views

CVE-2026-31928

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS5.8AI score0.00569EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 10:48 p.m.59 views

CVE-2026-33560 Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS0.00459EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:48 p.m.8 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS5.9AI score0.00459EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 10:48 p.m.18 views

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

8.8CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder