Lucene search
+L

11 matches found

euvd
euvd
added 2026/06/27 12:30 a.m.7 views

EUVD-2026-39923

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS6AI score0.00702EPSS
Exploits0References3
nvd
nvd
added 2026/06/26 11:17 p.m.13 views

CVE-2026-28701

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS0.00702EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/26 10:52 p.m.38 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
cve
cve
added 2026/06/26 10:52 p.m.19 views

CVE-2026-31928

The CVE-2026-31928 entry concerns DMP-5000 devices shipped with a default administrative web account and weak authentication controls that are not required to be changed during initial configuration or operation, enabling full system access if exploited. The issue is tied to hard-coded/default cr...

9.8CVSS5.8AI score0.00569EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/26 10:48 p.m.16 views

CVE-2026-33560

The CVE-2026-33560 issue affects the DMP-5000 file service, where an authenticated user can upload files of any type without validation, because there is no file-extension filtering or content inspection, allowing executable binaries/scripts to be written to the server. The vulnerability stems fr...

8.8CVSS5.9AI score0.00459EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/26 10:48 p.m.58 views

CVE-2026-33560 Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.4CVSS0.00459EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/26 10:40 p.m.8 views

CVE-2026-28701

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS6AI score0.00702EPSS
Exploits0References3
cve
cve
added 2026/06/26 10:40 p.m.19 views

CVE-2026-28701

CVE-2026-28701 affects various versions of Daktronics Controller Firmware. The vulnerability is a path traversal flaw permitting authenticated or unauthenticated remote users to escape the intended directory and enumerate arbitrary filesystem paths, with potential high impact to confidentiality, ...

9.8CVSS6AI score0.00702EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/26 10:40 p.m.35 views

CVE-2026-28701 Daktronics Controller Firmware Path Traversal

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS0.00702EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.17 views

PT-2026-52987

Name of the Vulnerable Software and Affected Versions Daktronics Controller Firmware affected versions not specified Description Remote authenticated and unauthenticated users can perform path traversal, which allows them to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS5.9AI score0.00702EPSS
Exploits0References11
threatpost
threatpost
added 2014/06/09 11:38 a.m.19 views

ICS-CERT Alert on Easily Hackable Road Signs

A new, remotely exploitable vulnerability in Daktronics’ Vanguard software could make it even easier for attackers to hack electronic road signs, a task that was reportedly never very difficult to begin with. Daktronics’ Vanguard dynamic highway message sign configuration software was initially...

2.5AI score
Exploits0References2
Rows per page
Query Builder