11 matches found
CVE-2025-63215
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
CVE-2025-63220
The CVE-2025-63220 entry concerns Sound4 FIRST's web-based management interface. The vulnerability is Remote Code Execution (RCE) via a malicious firmware update package, caused by the update mechanism failing to validate the integrity of the manual.sh script. An attacker could modify this script...
CVE-2025-63220
The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
CVE-2025-63220
The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
CVE-2025-63215
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
CVE-2025-63215
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
CVE-2025-63215
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and repackaging the...
PT-2025-47408
Name of the Vulnerable Software and Affected Versions Sound4 IMPACT affected versions not specified Description The Sound4 IMPACT web-based management interface contains a flaw that allows for Remote Code Execution RCE through a specially crafted firmware update package. The system does not...
CVE-2025-57431
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and...
CVE-2025-57431
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code Execution RCE via a malicious firmware update package. The update mechanism fails to validate the integrity of manual.sh, allowing an attacker to inject arbitrary commands by modifying this script and...
PT-2025-38749
Name of the Vulnerable Software and Affected Versions Sound4 PULSE-ECO AES67 version 1.22 Description The web-based management interface is susceptible to Remote Code Execution RCE through a malicious firmware update package. The system does not properly validate the integrity of the manual.sh...