{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-33560: Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-33560","status":"final","version":"1","initial_release_date":"2026-06-26T22:48:56.236Z","current_release_date":"2026-06-26T22:48:56.236Z","revision_history":[{"date":"2026-06-26T22:48:56.236Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and scripts to be accepted and written directly to the server.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-33560 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-33560"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-33560"},{"category":"external","summary":"cisa.gov","url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-04"},{"category":"external","summary":"github.com","url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-04.json"}]},"product_tree":{"branches":[{"category":"vendor","name":"Daktronics","branches":[{"category":"product_name","name":"VFC-DMP-5000","branches":[{"category":"product_version_range","name":"<v8.117.x.x","product":{"name":"Daktronics VFC-DMP-5000 <v8.117.x.x","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:vfc-dmp-5000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v9.43.x.x","product":{"name":"Daktronics VFC-DMP-5000 <v9.43.x.x","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:vfc-dmp-5000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v10.34.x.x","product":{"name":"Daktronics VFC-DMP-5000 <v10.34.x.x","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:vfc-dmp-5000:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Daktronics","branches":[{"category":"product_name","name":"DMP-5000","branches":[{"category":"product_version_range","name":"<v10.34.x.x","product":{"name":"Daktronics DMP-5000 <v10.34.x.x","product_id":"CSAFPID-4","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-5000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v8.117.x.x","product":{"name":"Daktronics DMP-5000 <v8.117.x.x","product_id":"CSAFPID-5","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-5000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v9.43.x.x","product":{"name":"Daktronics DMP-5000 <v9.43.x.x","product_id":"CSAFPID-6","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-5000:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Daktronics","branches":[{"category":"product_name","name":"DMP-8000","branches":[{"category":"product_version_range","name":"<v10.34.x.x","product":{"name":"Daktronics DMP-8000 <v10.34.x.x","product_id":"CSAFPID-7","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-8000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v8.117.x.x","product":{"name":"Daktronics DMP-8000 <v8.117.x.x","product_id":"CSAFPID-8","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-8000:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":"<v9.43.x.x","product":{"name":"Daktronics DMP-8000 <v9.43.x.x","product_id":"CSAFPID-9","product_identification_helper":{"cpe":"cpe:2.3:a:daktronics:dmp-8000:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-33560","title":"Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type","notes":[{"category":"description","text":"The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and scripts to be accepted and written directly to the server.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N","baseScore":8.4,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: v10.34.x.x, v8.117.x.x, v9.43.x.x.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7","CSAFPID-8","CSAFPID-9"]}]}]}