CVE-2026-28701
CriticalCVSS 9.8Exploitation Probability (EPSS)
Elevated risk53th percentile — higher than 53% of all known CVEs
Summary
A vulnerability in Daktronics Controller Firmware allows remote users (both authenticated and unauthenticated) to escape the intended directory and enumerate arbitrary file system paths.
Risk Assessment
An attacker could access sensitive configuration files, system data, or other resources, leading to information disclosure and potential privilege escalation.
Recommendation
Immediately update the Daktronics Controller Firmware to the latest version provided by the vendor and restrict network access to these devices to trusted hosts only.
Original NVD description (English source)
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.

