RSS   Vulnerabilities for '4k242 firmware'   RSS

2017-12-18
 
CVE-2017-17739

CWE-22
 

 
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.

 
 
CVE-2017-17738

CWE-noinfo
 

 
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.

 
 
CVE-2017-17737

CWE-79
 

 
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.

 


Copyright 2024, cxsecurity.com

 

Back to Top