CVE-2022-50796

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability in the firmware upload functio

9.8CRITICAL

CVE-2022-50795

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users t

7.8HIGH

CVE-2022-50794

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection vulnerability in the username pa

9.8CRITICAL

CVE-2022-50793

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an authenticated command injection vulnerability in the www-data-handler.php script t

8.8HIGH

CVE-2022-50792

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vulnerability that allows remote a

7.5HIGH

CVE-2022-50791

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a conditional command injection vulnerability that allows local authenticated users t

7.8HIGH

CVE-2022-50790

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to acce

7.5HIGH

CVE-2022-50789

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains a command injection vulnerability that allows local authenticated users to create mal

7.8HIGH

CVE-2022-50788

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to acce

7.5HIGH

CVE-2022-50787

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting vulnerability in the username p

7.2HIGH

CVE-2022-50696

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain hardcoded credentials embedded in server binaries that cannot be modi

9.8CRITICAL

CVE-2022-50695

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains a network vulnerability that allows unauthenticated attackers to send ICMP sig

7.5HIGH

CVE-2022-50694

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an SQL injection vulnerability in the 'username' POST parameter of index.php that all

9.8CRITICAL

CVE-2022-50692

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an insufficient session expiration vulnerability that allows attacker

7.5HIGH

CVE-2023-53965

all versions

SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentiall

8.4HIGH

CVE-2023-53964

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin/restorefactory.cgi endpoint that

9.8CRITICAL

CVE-2023-53963

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to

9.8CRITICAL

CVE-2023-53962

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to w

7.5HIGH

CVE-2023-53961

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains a cross-site request forgery vulnerability that allows attackers to perform administra

4.3MEDIUM

CVE-2023-53960

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x contains an SQL injection vulnerability in the 'index.php' authentication mechanism that

9.8CRITICAL

CVE-2023-53955

all versions

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an insecure direct object reference vulnerability that allows attackers to bypass auth

9.8CRITICAL