CVE-2022-50790
Unknown Unknown - Not Provided

Unauthenticated Information Disclosure in SOUND4 Radio Stream Scripts

Vulnerability report for CVE-2022-50790, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: VulnCheck

Description

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated vulnerability that allows remote attackers to access live radio stream information through webplay or ffmpeg scripts. Attackers can exploit the vulnerability by calling specific web scripts to disclose radio stream details without requiring authentication.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-07-06
AI Q&A
2025-12-31
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
sound4 eco 2.*
sound4 impact 2.*
sound4 first 2.*
sound4 pulse 2.*

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below, where remote attackers can access live radio stream information without authentication by exploiting specific webplay or ffmpeg scripts. Essentially, attackers can call certain web scripts to disclose radio stream details without needing to log in or provide credentials.

Impact Analysis

The vulnerability allows unauthorized remote attackers to access live radio stream information, which could lead to information disclosure. This could potentially be used to gather sensitive streaming data or disrupt service confidentiality, impacting the privacy and security of the streaming platform.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50790. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart