EUVD-2026-39923

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

CVE-2026-31928

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

CVE-2026-28701 Daktronics Controller Firmware Path Traversal

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

CVE-2026-28701

CVE-2026-28701 affects various versions of Daktronics Controller Firmware. The vulnerability is a path traversal flaw permitting authenticated or unauthenticated remote users to escape the intended directory and enumerate arbitrary filesystem paths, with potential high impact to confidentiality, ...

ICS-CERT Alert on Easily Hackable Road Signs

A new, remotely exploitable vulnerability in Daktronics’ Vanguard software could make it even easier for attackers to hack electronic road signs, a task that was reportedly never very difficult to begin with. Daktronics’ Vanguard dynamic highway message sign configuration software was initially...