CNNVD-202512-3936 Information
CNNVD ID
CNNVD-202512-3936
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
SOUND4 IMPACT等都是法国SOUND4公司的产品。SOUND4 IMPACT是一款专业广播音频处理器。SOUND4 FIRST是一款广播用的音频处理器。SOUND4 PULSE是一款音频处理器。 SOUND4多款产品存在SQL注入漏洞,该漏洞源于index.php身份验证机制存在SQL注入,可能导致认证绕过。以下产品受到影响:SOUND4 IMPACT、SOUND4 FIRST和SOUND4 PULSE。
Description (English)
SOUND4 IMPACT and others are products of SOUND4 in France. SOUND4 IMPACT is a professional broadcast audio processor. SOUND4 FIRST is an audio processor for a broadcast. SOUND4 PULTSE is an audio processor. More than SOUND4 products have a SQL injection loophole, which stems from the SQL injection of the index.php identification mechanism, which may lead to the certification being bypassed. The following products were affected: SOUND4 IMPACT, SOUND4 FIRST and SOUND4 PULTSE.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Sound4
Published
2025-12-22
Last Modified
2026-02-24
References
https://www.sound4.com/ https://web.archive.org/web/20221207074555/ https://www.exploit-db.com/exploits/51171 https://www.vulncheck.com/advisories/sound-impactfirstpulseeco-x-sql-injection-via-authentication-bypass https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5726.php
Share on: