Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonos one firmware - vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-27353
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue res...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
6.5
CVSSv3
CVE-2023-27354
This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB director...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.8
CVSSv3
CVE-2023-27355
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
8.8
CVSSv3
CVE-2023-27352
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query ...
Sonos One Firmware 70.3-35220
Sonos S1
Sonos S2
6.8
CVSSv3
CVE-2020-9285
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.
Sonos One Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started