5 matches found
CVE-2025-1051
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1051 Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1051
CVE-2025-1051 – Sonos Era 300 RCE via heap-based overflow : The vulnerability affects Sonos Era 300 speakers and stems from improper validation of the length of ALAC data before copying into a heap-based buffer. This allows network-adjacent attackers to execute code with the context of the anacap...
PT-2025-23217 · Sonos · Sonos Era 300
Name of the Vulnerable Software and Affected Versions: Sonos Era 300 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. No authentication is required to exploit this issue. The specific flaw exist...
(Pwn2Own) Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of ALAC data. The issue results from the lack of proper validation of the...