CVE Catalog

CVE-2026-28701

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.84%

53th percentile — higher than 53% of all known CVEs

Summary

A vulnerability in Daktronics Controller Firmware allows remote users (both authenticated and unauthenticated) to escape the intended directory and enumerate arbitrary file system paths.

Risk Assessment

An attacker could access sensitive configuration files, system data, or other resources, leading to information disclosure and potential privilege escalation.

Recommendation

Immediately update the Daktronics Controller Firmware to the latest version provided by the vendor and restrict network access to these devices to trusted hosts only.

Original NVD description (English source)

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS