CNNVD-202512-5055 Information
CNNVD ID
CNNVD-202512-5055
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
SOUND4 IMPACT等都是法国SOUND4公司的产品。SOUND4 IMPACT是一款专业广播音频处理器。SOUND4 FIRST是一款广播用的音频处理器。SOUND4 PULSE是一款音频处理器。 SOUND4多款产品存在操作系统命令注入漏洞,该漏洞源于username参数未经验证,可能导致命令注入。以下产品及版本受到影响:SOUND4 IMPACT/FIRST/PULSE/Eco 2.x及之前版本。
Description (English)
SOUND4 IMPACT and others are products of SOUND4 in France. SOUND4 IMPACT is a professional broadcast audio processor. SOUND4 FIRST is an audio processor for a broadcast. SOUND4 PULTSE is an audio processor. More than SOUND4 products have an operating system command leak, which originates from unverified username parameters, which may lead to an order injection. The following product and version were affected: SOUND4 IMPACT/FIRT/PULSE/Eco 2.x and earlier.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
Sound4
Published
2025-12-30
Last Modified
2026-02-24
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/247914 https://packetstormsecurity.com/files/170266/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-username-Command-Injection.html https://www.sound4.com/ https://www.vulncheck.com/advisories/sound-impactfirstpulseeco-x-unauthenticated-command-injection-via-username https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5739.php
Share on: