Brightsign 4K242 Firmware vulnerabilities
3 known vulnerabilities affecting brightsign/4k242_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-17739P2CRITICALCVSS 9.8PoC≤ 6.2.632017-12-18
CVE-2017-17739 [CRITICAL] CWE-22 CVE-2017-17739: The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal vi
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
nvd
CVE-2017-17738P3HIGHCVSS 7.5PoC≤ 6.2.632017-12-18
CVE-2017-17738 [HIGH] CVE-2017-17738: The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modify
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
nvd
CVE-2017-17737P3MEDIUMCVSS 6.1PoC≤ 6.2.632017-12-18
CVE-2017-17737 [MEDIUM] CWE-79 CVE-2017-17737: The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parame
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
nvd