Security Advisory

CVE-2022-50794

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-30 22:41:38

Last updated 2026-01-05 20:19:28

Assigner VulnCheck

State PUBLISHED

Description

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated command injection vulnerability in the username parameter. Attackers can exploit index.php and login.php scripts by injecting arbitrary shell commands through the HTTP POST username parameter to execute system commands.

← Browse all CVEs View on cve.org ↗