VAR-201712-0913
Vulnerability from variot - Updated: 2025-04-20 23:29The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. BrightSign Digital Signage (4k242) is a set of digital signage multimedia player equipment from BrightSign Company in the United States. A remote attacker could use this vulnerability to execute code by sending a 'REF' parameter to the /network_diagnostics.html or /storage_info.html webpage to execute code and steal tokens.
The pages:
/network_diagnostics.html /storage_info.html
Suffer from a Cross-Site Scripting vulnerability. The REF parameter for these pages do not sanitize user input, resulting in arbitrary execution, token theft and related attacks.
The RP parameter in STORAGE.HTML suffers from a directory traversal/information leakage weakness: /storage.html?rp=%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc
Through parameter manipulation, the file system can be traversed, unauthenticated, allowing for leakage of information and compromise of the device.
This page also allows for unauthenticated upload of files.
/tools.html
Page allows for unauthenticated rename/manipulation of files.
When combined, these vulnerabilities allow for compromise of both end users and the device itself.
Ex. A malicious attacker can upload a malicious page of their choosing and steal credentials, host malicious content or distribute content through the device, which accepts large format SD cards
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0913",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "4k242",
"scope": "lte",
"trust": 3.4,
"vendor": "brightsign",
"version": "6.2.63"
},
{
"model": "digital signage",
"scope": "lte",
"trust": 0.6,
"vendor": "brightsign",
"version": "\u003c=6.2.63"
},
{
"model": "4k242",
"scope": "eq",
"trust": 0.6,
"vendor": "brightsign",
"version": "6.2.63"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:brightsign:4k242_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "singularitysec",
"sources": [
{
"db": "PACKETSTORM",
"id": "145489"
}
],
"trust": 0.1
},
"cve": "CVE-2017-17737",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-17737",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-17737",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-17737",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2018-01361",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-108789",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-17737",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-17737",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-17737",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17737",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-17737",
"trust": 0.8,
"value": "Critical"
},
{
"author": "NVD",
"id": "CVE-2017-17737",
"trust": 0.8,
"value": "High"
},
{
"author": "NVD",
"id": "CVE-2017-17737",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-01361",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-661",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108789",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html. BrightSign Digital Signage (4k242) is a set of digital signage multimedia player equipment from BrightSign Company in the United States. A remote attacker could use this vulnerability to execute code by sending a \u0027REF\u0027 parameter to the /network_diagnostics.html or /storage_info.html webpage to execute code and steal tokens. \n \nThe pages:\n \n/network_diagnostics.html\n/storage_info.html\n \nSuffer from a Cross-Site Scripting vulnerability. The REF parameter for\nthese pages do not sanitize user input, resulting in arbitrary execution,\ntoken theft and related attacks. \n \n \n \nThe RP parameter in STORAGE.HTML suffers from a directory\ntraversal/information leakage weakness:\n/storage.html?rp=%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc\n \nThrough parameter manipulation, the file system can be traversed,\nunauthenticated, allowing for leakage of information and compromise of the\ndevice. \n \nThis page also allows for unauthenticated upload of files. \n \n/tools.html\n \nPage allows for unauthenticated rename/manipulation of files. \n \nWhen combined, these vulnerabilities allow for compromise of both end users\nand the device itself. \n \nEx. A malicious attacker can upload a malicious page of their choosing and\nsteal credentials, host malicious content or distribute content through the\ndevice, which accepts large format SD cards",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17737"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "PACKETSTORM",
"id": "145489"
}
],
"trust": 3.78
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-108789",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108789"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17737",
"trust": 4.8
},
{
"db": "EXPLOIT-DB",
"id": "43364",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661",
"trust": 0.7
},
{
"db": "EXPLOITDB",
"id": "43364",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2018-01361",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "145489",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-108789",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "PACKETSTORM",
"id": "145489"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"id": "VAR-201712-0913",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
}
]
},
"last_update_date": "2025-04-20T23:29:30.339000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "4K Product Line",
"trust": 2.4,
"url": "https://www.brightsign.biz/digital-signage-products/legacy-products/4k-product-line"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
},
{
"problemtype": "CWE-22",
"trust": 0.8
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.7,
"url": "http://www.information-paradox.net/2017/12/brightsign-multiple-vulnerablities-cve.html"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/43364/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17739"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17738"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17737"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17739"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17738"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17737"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "PACKETSTORM",
"id": "145489"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"db": "VULHUB",
"id": "VHN-108789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"db": "PACKETSTORM",
"id": "145489"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"date": "2017-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-108789"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"date": "2017-12-19T14:26:57",
"db": "PACKETSTORM",
"id": "145489"
},
{
"date": "2017-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"date": "2017-12-18T06:29:00.287000",
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-01361"
},
{
"date": "2018-01-04T00:00:00",
"db": "VULHUB",
"id": "VHN-108789"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011556"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011555"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011554"
},
{
"date": "2017-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-661"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-17737"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BrightSign Digital Signage Path traversal vulnerability in device firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011556"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-661"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…