A critical vulnerability has been identified in SOUND4 IMPACT, FIRST, PULSE, and Eco products. This flaw allows any remote, unauthenticated attacker to access sensitive live radio stream information by simply calling specific web scripts, posing a significant risk of content theft, service disruption, and potential stream hijacking. Due to the lack of authentication required, this vulnerability is easy to exploit and requires immediate attention.

The vulnerability is an information disclosure flaw resulting from a lack of authentication on specific web scripts, including webplay and ffmpeg scripts. A remote attacker can exploit this by sending a direct HTTP request to these scripts on a vulnerable device. The server will improperly process the request without verifying user identity, returning sensitive details about the live radio stream, such as stream URLs, formats, and other configuration data.

This vulnerability is rated as critical severity with a CVSS score of 9.8. Exploitation could lead to significant business consequences, including the unauthorized interception and re-broadcasting of proprietary audio content, resulting in copyright infringement and revenue loss. The disclosed stream information could also be used to launch denial-of-service (DoS) attacks against the broadcast infrastructure, leading to service outages and reputational damage. Furthermore, this information could serve as reconnaissance for more sophisticated attacks against the organization's network.

Immediate Action: Immediately update all affected SOUND4 IMPACT, FIRST, PULSE, and Eco devices to the latest available version (above 2.x) to patch the vulnerability. After patching, review web server and application access logs for any signs of exploitation attempts that may have occurred prior to remediation.

Proactive Monitoring:

• Monitor web server logs for an unusual number of GET requests targeting webplay or ffmpeg scripts, especially from unknown or suspicious IP addresses.
• Implement network traffic analysis to detect anomalous patterns or high-volume connections to the streaming server's web interface.
• Configure alerts for any unauthorized access attempts or requests to the specific vulnerable endpoints.

Compensating Controls: If immediate patching is not feasible, implement the following controls:

• Use a Web Application Firewall (WAF) to create rules that block external access to the vulnerable script paths.
• Configure network firewall rules to restrict access to the device's web interface to only trusted IP addresses and administrative networks.
• If possible, configure web server access controls (e.g., .htaccess) to require authentication for the specific directories containing the vulnerable scripts.

Public Exploit Available: false

Given the critical 9.8 CVSS score and the absence of any required authentication for exploitation, this vulnerability presents a severe risk to the organization. We strongly recommend that all affected SOUND4 products be patched immediately. Although this CVE is not currently listed on the CISA KEV list, its high severity and ease of exploitation warrant urgent action. If patching cannot be performed immediately, the compensating controls listed above should be implemented as a temporary measure to mitigate the risk.