Brightsign: >> 4k242 Firmware Security Vulnerabilities
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-18
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
CVSS Score
7.5
EPSS Score
0.162
Published
2017-12-18
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
CVSS Score
9.8
EPSS Score
0.213
Published
2017-12-18