CVE-2017-17739
Published: 2017-12-18
Priority: P2 66 · Severity: critical 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit
EPSS: 11.89% (95.6th percentile)
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| brightsign | 4k242_firmware | <= 6.2.63 | — |
Detection & IOCs (extracted from sources)
- Detect directory traversal attempts against the BrightSign /storage.html endpoint by monitoring HTTP requests where the 'rp' parameter contains URL-encoded dot-dot sequences (e.g., %2E%2E%2F) traversing to sensitive paths such as /etc.
- Monitor for unauthenticated POST/file-upload requests to /storage.html, which allows unauthenticated upload of arbitrary files to the device.
- Monitor for unauthenticated requests to /tools.html that perform file rename or manipulation operations on the BrightSign device.
- Detect XSS probes against BrightSign pages /network_diagnostics.html and /storage_info.html by inspecting the 'REF' parameter for unsanitized script injection payloads.
- Flag any unauthenticated access to BrightSign management pages (/storage.html, /tools.html, /network_diagnostics.html, /storage_info.html) from external or untrusted network segments, as all exploits described require no authentication.
- Affected firmware is version 6.2.63 and below on the BrightSign 4k242 device; detections should be scoped to environments running this firmware version or lower.
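The following is an added example (not from this record's sources) of how the detection guidance above can be turned into a log check: it parses access-log lines, URL-decodes the `rp` parameter of `/storage.html` requests (repeatedly, so double-encoded `%252E` sequences are also caught), flags dot-dot traversal, flags POST (upload) requests to `/storage.html`, and flags any management-page request from outside a trusted network prefix. The log lines and the `10.20.` trusted prefix are constructed for the example and are assumptions, not values from the record.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qs

# Management pages named in the detection guidance for this CVE
MANAGEMENT_PAGES = {
    "/storage.html", "/tools.html",
    "/network_diagnostics.html", "/storage_info.html",
}
# Assumption for this example: the signage VLAN lives in 10.20.0.0/16;
# requests from anywhere else are treated as untrusted.
TRUSTED_PREFIX = "10.20."

# Common-log-format style line: src ident user [ts] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_fully(value, rounds=3):
    """URL-decode until stable so %252E%252E (double-encoded '..') is seen."""
    prev = value
    for _ in range(rounds):
        cur = unquote(prev)
        if cur == prev:
            break
        prev = cur
    return prev


def has_traversal(value):
    """True if the decoded value contains a dot-dot path segment."""
    decoded = decode_fully(value).replace("\\", "/")
    return "../" in decoded or "/.." in decoded or decoded == ".."


def analyse_line(line):
    """Return {'src', 'path', 'findings'} for a parsable line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    path = parts.path
    # parse_qs already decodes once; decode_fully handles extra layers
    params = parse_qs(parts.query, keep_blank_values=True)
    findings = []
    if path == "/storage.html":
        for rp in params.get("rp", []):
            if has_traversal(rp):
                findings.append("traversal-in-rp")
        if m["method"] == "POST":
            findings.append("upload-to-storage")
    if path in MANAGEMENT_PAGES and not m["src"].startswith(TRUSTED_PREFIX):
        findings.append("untrusted-management-access")
    return {"src": m["src"], "path": path, "findings": findings}


def scan(lines):
    """Return only the records that produced at least one finding."""
    return [r for r in (analyse_line(l) for l in lines) if r and r["findings"]]


# Constructed sample log lines (not real traffic)
SAMPLE_LOG = [
    '10.20.1.5 - - [18/Dec/2017:10:00:00 +0000] "GET /storage.html?rp=sd HTTP/1.1" 200 512',
    '203.0.113.7 - - [18/Dec/2017:10:00:01 +0000] "GET /storage.html?rp=%2E%2E%2F%2E%2E%2Fetc HTTP/1.1" 200 2048',
    '203.0.113.7 - - [18/Dec/2017:10:00:02 +0000] "POST /storage.html HTTP/1.1" 200 90',
    '10.20.1.9 - - [18/Dec/2017:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1000',
    '10.20.1.9 - - [18/Dec/2017:10:00:04 +0000] "GET /storage.html?rp=%252E%252E%2Fsd HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["src"], hit["path"], ", ".join(hit["findings"]))
```

The first sample line (a plain `rp=sd` request from the trusted range) produces nothing; the second and third are the encoded traversal and the unauthenticated upload from an untrusted address; the last shows the double-encoded case, which would be missed by a single `unquote`.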
CVSS provenance

| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
No detection rules found.
No writeups or analysis indexed.