Summary
Successful exploitation of these vulnerabilities could could provide an unauthenticated user with complete root-level access and control of the system.
The following versions of Daktronics Controller Firmware are affected:
- VFC-DMP-5000 <v8.117.x.x
- VFC-DMP-5000 <v9.43.x.x
- VFC-DMP-5000 <v10.34.x.x
- DMP-5000 <v10.34.x.x
- DMP-5000 <v8.117.x.x
- DMP-5000 <v9.43.x.x
- DMP-8000 <v10.34.x.x
- DMP-8000 <v8.117.x.x
- DMP-8000 <v9.43.x.x
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 8.1 | Daktronics | Daktronics Controller Firmware | Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’), Unrestricted Upload of File with Dangerous Type, Use of Hard-coded Credentials |
Background
- Critical Infrastructure Sectors: Commercial Facilities, Information Technology, Emergency Services, Healthcare and Public Health
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: United States
Vulnerabilities
CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.
Affected Products
Daktronics Controller Firmware
Daktronics
Daktronics VFC-DMP-5000: <v8.117.x.x, Daktronics VFC-DMP-5000: <v9.43.x.x, Daktronics VFC-DMP-5000: <v10.34.x.x, Daktronics DMP-5000: <v10.34.x.x, Daktronics DMP-5000: <v8.117.x.x, Daktronics DMP-5000: <v9.43.x.x, Daktronics DMP-8000: <v10.34.x.x, Daktronics DMP-8000: <v8.117.x.x, Daktronics DMP-8000: <v9.43.x.x
known_affected
Remediations
Mitigation
Daktronics recommends users update their device software to one of the following versions (based on product configuration in use): 8.117.0.x, 9.43.0.x, or 10.34.0.x
Mitigation
Daktronics recommends updating the default passwords and encourages using strong, unique credentials per device.
Relevant CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| 4.0 | 9.3 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
CVE-2026-33560
The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and scripts to be accepted and written directly to the server.
Affected Products
Daktronics Controller Firmware
Daktronics
Daktronics VFC-DMP-5000: <v8.117.x
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: