SSRF in Brightsign, Llc Brightsign Digital Signage Diagnostic Web Server

CVE-2020-36884

BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to…

Vulnerability class: SSRF (Server-Side Request Forgery)

EPSS: 0.008 (52.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References