Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27352
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query ...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
NA
CVE-2023-27353
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue res...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
NA
CVE-2023-27354
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB director...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
NA
CVE-2023-27355
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.3
CVSSv2
CVE-2022-24046
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker before 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw e...
Sonos S1
Sonos S2
10
CVSSv2
CVE-2022-24049
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Sonos One Speaker before 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists with...
Sonos S1
Sonos S2
NA
CVE-2020-9285
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.
Sonos One Firmware -
9.3
CVSSv2
CVE-2018-11316
The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.
Sonos Sonos Firmware -
4
CVSSv2
CVE-2021-21266
openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB prior to 2.5.12 and 3.0.1 the XML external entity (XXE) attack allows attackers in the same network as the openHAB instance to retrieve internal information like the content of f...
Openhab Openhab
Openhab Openhab 3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started