11 matches found
EUVD-2022-55941
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...
EUVD-2022-55931
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50795
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50695
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...
CVE-2022-50795 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via traceroute.php
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50795 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via traceroute.php
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
CVE-2022-50695 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x ICMP Flood Attack via Network Commands
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP signals to arbitrary hosts through network command scripts. Attackers can abuse ping.php, traceroute.php, and dns.php to generate network flooding attacks targeting...
CVE-2022-50695
CVE-2022-50695 affects SOUND4 IMPACT/FIRST/PULSE/Eco software versions 2.x. The root cause is a network command script mechanism that allows unauthenticated users to send ICMP signals to arbitrary hosts via scripts such as ping.php, traceroute.php, and dns.php, enabling potential network flooding...
PT-2025-54243
Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains a conditional command injection issue. Local authenticated users can create malicious files in the /tmp directory. Unauthenticated attackers can execute...
SOUND4多款产品 操作系统命令注入漏洞
SOUND4 IMPACT and others are products of the French company SOUND4.SOUND4 IMPACT is a professional audio processor for broadcasting.SOUND4 FIRST is an audio processor for broadcasting.SOUND4 PULSE is an audio processor. An operating system command injection vulnerability exists in several SOUND4...
PT-2002-1539 · Linux Directory Penguin · Linux Directory Penguin Traceroute.Pl Cgi Script
Name of the Vulnerable Software and Affected Versions: Linux Directory Penguin traceroute.pl CGI script version 1.0 Description: The issue allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter. This is a result of a flaw in the traceroute.pl CGI script...