Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonos vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-27353
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue res...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.8
CVSSv3
CVE-2023-27352
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query ...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.8
CVSSv3
CVE-2023-27355
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
6.5
CVSSv3
CVE-2023-27354
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB director...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.8
CVSSv3
CVE-2022-24046
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker before 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw e...
Sonos S1
Sonos S2
9.8
CVSSv3
CVE-2022-24049
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Sonos One Speaker before 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists with...
Sonos S1
Sonos S2
6.8
CVSSv3
CVE-2020-9285
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.
Sonos One Firmware -
9.6
CVSSv3
CVE-2018-11316
The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.
Sonos Sonos Firmware -
5
CVSSv3
CVE-2021-21266
openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB prior to 2.5.12 and 3.0.1 the XML external entity (XXE) attack allows attackers in the same network as the openHAB instance to retrieve internal information like the content of f...
Openhab Openhab
Openhab Openhab 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started