CVE-2023-53955

Critical CVSS: 9.3

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access hidden system resources. Attackers can exploit the vulnerability by manipulating user-supplied input to execute privileged functionalities without proper authentication.

Vendor

Sound4

Product

Impact Firmware

CWE

CWE-639

Yayın Tarihi

2025-12-22 22:15:59

Güncelleme

2026-01-13 18:23:14

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-639 Impact Firmware CRITICAL Sound4 2025

Referanslar

https://web.archive.org/web/20221207074555/https://www.sound4.com/ https://www.exploit-db.com/exploits/51169 https://www.vulncheck.com/advisories/sound-impactfirstpulseeco-x-authorization-bypass-via-insecure-object-references https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5723.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5723.php

Benzer Kayıtlar

High

CVE-2022-50792

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vulnerability that allow…

High

CVE-2022-50793

SOUND4 IMPACT/FIRST/PULSE/Eco

Critical

CVE-2022-50794

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection vulnerability in the u…

High

CVE-2022-50795

SOUND4 IMPACT/FIRST/PULSE/Eco

Critical

CVE-2022-50796

SOUND4 IMPACT/FIRST/PULSE/Eco

Critical

CVE-2022-50696

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cann…