exploitDog

CVE-2017-17738

Опубликовано: 18 дек. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 6.4

EPSS Средний

Описание

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.

Ссылки

http://www.information-paradox.net/2017/12/brightsign-multiple-vulnerablities-cve.html
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/43364/
Exploit
Issue Tracking
Third Party Advisory
VDB Entry
http://www.information-paradox.net/2017/12/brightsign-multiple-vulnerablities-cve.html
Issue Tracking
Third Party Advisory
https://www.exploit-db.com/exploits/43364/
Exploit
Issue Tracking
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:brightsign:4k242_firmware:*:*:*:*:*:*:*:*

Версия до 6.2.63 (включая)

cpe:2.3:h:brightsign:4k242:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.16154

Средний

7.5 High

CVSS3

6.4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-r9qc-76gr-hjxw

CVSS3: 7.5

github

больше 3 лет назад

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.

EPSS

Процентиль: 95%

0.16154

Средний

7.5 High

CVSS3

6.4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo