PT-2025-54238 · Webplay+2 · Webplay+5
Published
2025-12-30
·
Updated
2025-12-31
·
CVE-2022-50790
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below
Description
A vulnerability exists that allows remote attackers to access live radio stream information without authentication. Attackers can exploit this by calling specific web scripts to disclose radio stream details. The vulnerability affects webplay and ffmpeg scripts.
Recommendations
Upgrade to versions 3.x.
Exploit
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sound4 Eco
Sound4 First
Sound4 Impact
Sound4 Pulse
Ffmpeg
Webplay