CNNVD-202512-5059 Information

CNNVD ID

CNNVD-202512-5059

Related CVE

CVE-2022-50792

• CNNVD Published: 2025-12-30

Description (Chinese)

SOUND4 IMPACT等都是法国SOUND4公司的产品。SOUND4 IMPACT是一款专业广播音频处理器。SOUND4 FIRST是一款广播用的音频处理器。SOUND4 PULSE是一款音频处理器。 SOUND4多款产品存在路径遍历漏洞，该漏洞源于file GET参数允许访问任意文件，可能导致文件泄露。以下产品受到影响：SOUND4 IMPACT、SOUND4 FIRST和SOUND4 PULSE。

Description (English)

SOUND4 IMPACT and others are products of SOUND4 in France. SOUND4 IMPACT is a professional broadcast audio processor. SOUND4 FIRST is an audio processor for a broadcast. SOUND4 PULTSE is an audio processor. More than SOUND4 products have a loophole in their path, which stems from the fact that the file GET parameters allow access to any document, which may lead to its disclosure. The following products were affected: SOUND4 IMPACT, SOUND4 FIRST and SOUND4 PULTSE.

Hazard Level

Low

Vulnerability Type

路径遍历

Affected Vendor

Sound4

Published

2025-12-30

Last Modified

2026-02-24

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/247916 https://packetstormsecurity.com/files/170263/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Unauthenticated-File-Disclosure.html https://www.sound4.com/ https://www.vulncheck.com/advisories/sound-impactfirstpulseeco-x-unauthenticated-file-disclosure-vulnerability https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5736.php