Vulnerabilities > Brightsign > 4K242
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-18 | CVE-2017-17739 | Path Traversal vulnerability in Brightsign 4K242 Firmware The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files. | 7.5 |
| 2017-12-18 | CVE-2017-17738 | Unspecified vulnerability in Brightsign 4K242 Firmware The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html. | 6.4 |
| 2017-12-18 | CVE-2017-17737 | Cross-site Scripting vulnerability in Brightsign 4K242 Firmware The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. | 4.3 |