Vulnerabilities (CVE)

Filtered by vendor Brightsign Subscribe
Filtered by product 4k242
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17739 1 Brightsign 2 4k242, 4k242 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
CVE-2017-17738 1 Brightsign 2 4k242, 4k242 Firmware 2024-11-21 6.4 MEDIUM 7.5 HIGH
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
CVE-2017-17737 1 Brightsign 2 4k242, 4k242 Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.