Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SOUND4 Ltd. — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting SOUND4 Ltd.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SOUND4 Ltd. operates as a provider of audio processing and streaming solutions, primarily serving media and broadcasting sectors. Security audits have identified twenty-two Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem, indicating a pattern of historical security deficiencies. The most prevalent vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from inadequate input validation and improper access controls within its web interfaces and backend services. These issues suggest that the company’s development lifecycle has occasionally prioritized feature deployment over rigorous security testing. While no single catastrophic data breach has been publicly attributed solely to these CVEs, the cumulative risk profile highlights significant exposure for organizations relying on its infrastructure. Continuous patching and strict adherence to secure coding practices remain critical for mitigating these known attack vectors and protecting downstream users from potential exploitation.

Top products by SOUND4 Ltd.: Impact/Pulse/First SOUND4 LinkAndShare Transmitter SOUND4 Server Service
CVE IDTitleCVSSSeverityPublished
CVE-2022-50796 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Remote Code Execution via upload.cgi — Impact/Pulse/FirstCWE-22 9.8 Critical2025-12-30
CVE-2022-50794 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Command Injection via Username — Impact/Pulse/FirstCWE-78 9.8 Critical2025-12-30
CVE-2022-50795 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via traceroute.php — Impact/Pulse/FirstCWE-78 7.8 High2025-12-30
CVE-2022-50793 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Authenticated Command Injection via www-data-handler.php — Impact/Pulse/FirstCWE-78 8.8 High2025-12-30
CVE-2022-50792 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated File Disclosure Vulnerability — Impact/Pulse/FirstCWE-22 7.5 High2025-12-30
CVE-2022-50791 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via ping.php — Impact/Pulse/FirstCWE-78 7.8 High2025-12-30
CVE-2022-50789 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via dns.php — Impact/Pulse/FirstCWE-78 7.8 High2025-12-30
CVE-2022-50790 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Radio Stream Disclosure — Impact/Pulse/FirstCWE-306 7.5 High2025-12-30
CVE-2022-50787 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Stored Cross-Site Scripting — Impact/Pulse/FirstCWE-79 7.2 High2025-12-30
CVE-2022-50788 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Information Disclosure via Log Directory — Impact/Pulse/FirstCWE-548 7.5 High2025-12-30
CVE-2022-50696 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Hardcoded Credentials Authentication Bypass — Impact/Pulse/FirstCWE-798 9.8 Critical2025-12-30
CVE-2022-50695 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x ICMP Flood Attack via Network Commands — Impact/Pulse/FirstCWE-770 7.5 High2025-12-30
CVE-2022-50692 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Insufficient Session Expiration Vulnerability — Impact/Pulse/FirstCWE-613 7.5 High2025-12-30
CVE-2022-50694 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x SQL Injection via Username Parameter — Impact/Pulse/FirstCWE-89 9.8 Critical2025-12-30
CVE-2023-53962 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Directory Traversal File Write — Impact/Pulse/FirstCWE-22 7.5 High2025-12-22
CVE-2023-53963 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Remote Command Injection — Impact/Pulse/FirstCWE-78 9.8 Critical2025-12-22
CVE-2023-53964 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Factory Reset Vulnerability — Impact/Pulse/FirstCWE-306 9.8 Critical2025-12-22
CVE-2023-53961 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Cross-Site Request Forgery — Impact/Pulse/FirstCWE-352 4.3 Medium2025-12-22
CVE-2023-53960 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x SQL Injection via Authentication Bypass — Impact/Pulse/FirstCWE-89 9.8 Critical2025-12-22
CVE-2023-53955 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Authorization Bypass via Insecure Object References — Impact/Pulse/FirstCWE-639 9.8 Critical2025-12-22
CVE-2023-53965 SOUND4 Server Service 4.1.102 Local Privilege Escalation via Unquoted Service Path — SOUND4 Server ServiceCWE-428 8.4 High2025-12-22
CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow — SOUND4 LinkAndShare TransmitterCWE-134 9.8 Critical2025-12-22

This page lists every published CVE security advisory associated with SOUND4 Ltd.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.