3 matches found
EUVD-2026-43219
A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...
CVE-2026-15495
The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...
CVE-2026-6620
Summary: CVE-2026-6620 affects SonicCloudOrg sonic-server (≤ 2.0.0). The vulnerability is in the file upload endpoint’s Upload function (FileTool.java), where manipulation of the Type argument enables path traversal. This could be exploited remotely; an exploit is publicly available. The vendor h...