11 matches found
EUVD-2026-39923
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...
CVE-2026-31928
The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...
CVE-2026-33560
The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...
CVE-2026-33560 Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type
The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...
CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
CVE-2026-28701
CVE-2026-28701 affects various versions of Daktronics Controller Firmware. The vulnerability is a path traversal flaw permitting authenticated or unauthenticated remote users to escape the intended directory and enumerate arbitrary filesystem paths, with potential high impact to confidentiality, ...
CVE-2026-28701 Daktronics Controller Firmware Path Traversal
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...
PT-2026-52987
Name of the Vulnerable Software and Affected Versions Daktronics Controller Firmware affected versions not specified Description Remote authenticated and unauthenticated users can perform path traversal, which allows them to escape the intended directory and enumerate arbitrary file system paths...
ICS-CERT Alert on Easily Hackable Road Signs
A new, remotely exploitable vulnerability in Daktronics’ Vanguard software could make it even easier for attackers to hack electronic road signs, a task that was reportedly never very difficult to begin with. Daktronics’ Vanguard dynamic highway message sign configuration software was initially...