CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modified through normal device operations. Attackers can leverage these static credentials to gain unauthorized access to the device across Linux and Windows distributions...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x password SQL Injection

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x password Authentication Bypass Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voi...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Directory Traversal / File Write

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Directory Traversal File Write Exploit Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x services Command Injection

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x services Authenticated Command Injection Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Ec...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Persistent Cross Site Scripting

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x username Stored Cross-Site Scripting Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1....

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Unauthenticated Factory Reset

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x restorefactory.cgi Unauthenticated Factory Reset Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69...

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (username) Authentication Bypass

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...