Vulnerability Details CVE-2022-50795
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which triggers the malicious file and then deletes it after execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.5%
CVSS Severity
CVSS v3 Score 8.4
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/247950
- https://packetstormsecurity.com/files/170267/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-traceroute.php-Conditional-Command-Injection.html
- https://www.sound4.com/
- https://www.vulncheck.com/advisories/sound-impactfirstpulseeco-x-conditional-command-injection-via-traceroutephp
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5740.php
Products affected by CVE-2022-50795
-
cpe:2.3:a:sound4:stream_extension:2.4.29
-
cpe:2.3:h:sound4:big_voice2:-
-
cpe:2.3:h:sound4:big_voice4:-
-
cpe:2.3:h:sound4:first:1.0
-
cpe:2.3:h:sound4:first:2.0
-
cpe:2.3:h:sound4:impact:1.0
-
cpe:2.3:h:sound4:impact:2.0
-
cpe:2.3:h:sound4:impact_eco:-
-
cpe:2.3:h:sound4:pulse:1.0
-
cpe:2.3:h:sound4:pulse:2.0
-
cpe:2.3:h:sound4:pulse_eco:-
-
cpe:2.3:h:sound4:wm2:-
-
cpe:2.3:o:sound4:big_voice2_firmware:1.30
-
cpe:2.3:o:sound4:big_voice4_firmware:1.2
-
cpe:2.3:o:sound4:first_firmware:1.69
-
cpe:2.3:o:sound4:first_firmware:2.15
-
cpe:2.3:o:sound4:impact_eco_firmware:1.16
-
cpe:2.3:o:sound4:impact_firmware:1.69
-
cpe:2.3:o:sound4:impact_firmware:2.15
-
cpe:2.3:o:sound4:pulse_eco_firmware:1.16
-
cpe:2.3:o:sound4:pulse_firmware:1.69
-
cpe:2.3:o:sound4:pulse_firmware:2.15
-
cpe:2.3:o:sound4:wm2_firmware:1.11