SOUND4 IMPACT/PULSE/Eco traceroute.php Conditional Command Injection (ZSL-2022-5740)

Critical Vulnerability Information Title: SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (traceroute.php) Conditional Command Injection ID: ZSL-2022-5740 Type: Local/Remote Impact: System Access, DoS Risk: (4/5) Release Date: 14.12.2022 Description: This vulnerability allows a locally authenticated user to create a file in the /tmp directory containing malicious commands. The file must end with , and the commands within it can only be executed after an unauthenticated external attacker sends a request and receives a response. By invoking the vulnerable script and issuing a single HTTP POST request, an attacker can achieve command execution on the system. After the request is sent, the file containing the malicious command is deleted. Affected Versions: - FM/HD Radio Processing: Impact/Pulse/First (Version 2: 1.1/2.15) - Impact/Pulse/First (Version 1: 2.1/1.69) - Impact/Pulse Eco 1.16 - Voice Processing: BigVoice4 1.2 - BigVoice2 1.30 - Web-Audio Streaming: Stream 1.1/2.4.29 - Watermarking: WM2 (Kantar Media) 1.11 Test Environment: - Apache/2.4.25 (Unix) - OpenSSL/1.0.2k - PHP/7.1.1 - GNU/Linux 5.10.43 (armv7l) - GNU/Linux 4.9.228 (armv7l) Vendor Status: - 26.09.2022: Vulnerability discovered - 30.09.2022: Vendor contacted - 13.12.2022: No response from vendor - 14.12.2022: Public security advisory released

Goal Reached Thanks to every supporter — we hit 100%!

SOUND4 IMPACT/PULSE/Eco traceroute.php Conditional Command Injection (ZSL-2022-5740)