Primary

Context

SOUND4 Impact/Pulse/First/Eco Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability exists in SOUND4 Impact, Pulse, First, and Eco versions through 2.x. This vulnerability allows unauthenticated attackers to access sensitive log files by directly browsing the /log directory. The exposed logs may contain critical system and personal information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive log files, including personal and system information.

Reproduction

To reproduce this vulnerability, navigate to the /log directory on a server running the affected SOUND4 application. No authentication is required to access the log files, which will contain sensitive information that could be exploited.

Added: Dec 30, 2025, 11:48 PM

Updated: Dec 30, 2025, 11:48 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

1.8

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

1.8

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SOUND4 Impact/Pulse/First/Eco Information Disclosure Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

SOUND4 Impact

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating