CVE-2025-63215

Name of the Vulnerable Software and Affected Versions Sound4 IMPACT (affected versions not specified)

Description The Sound4 IMPACT web-based management interface contains a flaw that allows for Remote Code Execution (RCE). This occurs because the system does not properly validate the integrity of the manual.sh script during a firmware update. An attacker can exploit this by modifying the script to include arbitrary commands and then repackaging the firmware, leading to potential system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.