Vulnerability Details CVE-2026-28701
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 53.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-28701
-
cpe:2.3:h:daktronics:dmp-5000:-
-
cpe:2.3:h:daktronics:dmp-8000:-
-
cpe:2.3:h:daktronics:vfc-dmp-5000:-
-
cpe:2.3:o:daktronics:dmp-5000_firmware:*
-
cpe:2.3:o:daktronics:dmp-5000_firmware:10.0.0.0
-
cpe:2.3:o:daktronics:dmp-5000_firmware:9.0.0.0
-
cpe:2.3:o:daktronics:dmp-8000_firmware:*
-
cpe:2.3:o:daktronics:dmp-8000_firmware:10.0.0.0
-
cpe:2.3:o:daktronics:dmp-8000_firmware:9.0.0.0
-
cpe:2.3:o:daktronics:vfc-dmp-5000_firmware:*
-
cpe:2.3:o:daktronics:vfc-dmp-5000_firmware:10.0.0.0
-
cpe:2.3:o:daktronics:vfc-dmp-5000_firmware:9.0.0.0