3 matches found
CVE-2025-1050
Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...
CVE-2025-1050
CVE-2025-1050 describes a remote code execution via an out-of-bounds write in the Sonos Era 300 when processing HLS playlist data. The flaw arises from improper validation of user-supplied data, allowing a network-adjacent attacker (no authentication required) to write past the end of an allocate...
CVE-2025-1050
creationtimestamp| type| source ---|---|--- 2025-04-09 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-225/ 2025-04-23 18:48:06+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114388768281634046 2025-04-23 20:14:33+00:00| seen|...