Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.
Credits
Thomas Jou of Princeton University reported this vulnerability to CISA.
