4 matches found
Sonos Speakers S1 App < 11.15.1, S2 App < 16.6 Multiple RCE Vulnerabilities (SSA-2024-0002)
Sonos speakers are prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
CVE-2025-1049
Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1049
CVE-2025-1049 affects Sonos Era 300 speakers. A heap-based buffer overflow in ID3 data processing allows network-adjacent attackers (no authentication) to execute code in the context of the anacapa user. Root cause: insufficient validation of user-supplied data length before heap copy. Public det...
CVE-2025-1049
creationtimestamp| type| source ---|---|--- 2025-04-09 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-224/ 2025-04-23 18:48:06+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114388768229553757 2025-04-23 20:14:32+00:00| seen|...