Cyber Posture

CVE-2022-50796

Critical · Public PoC

Published: 30 December 2025

Modified: 16 January 2026
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0111 (78.3th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-50796 is a critical-severity Path Traversal (CWE-22) vulnerability in Sound4 Impact Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 21.7% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI]

prevent

Directly prevents path traversal exploitation in the upload.cgi firmware upload by validating inputs such as file paths to ensure only legitimate locations are written to.

prevent

Remediates the specific path traversal flaw in firmware versions <=2.x through timely application of vendor-provided security updates.

prevent

Enforces access control to require authentication for the firmware upload functionality, blocking unauthenticated remote exploitation attempts.

MITRE ATT&CK Enterprise Techniques [AI]

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The vulnerability is an unauthenticated RCE in a public-facing web application (upload.cgi) via path traversal, directly enabling exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an unauthenticated remote code execution vulnerability in the firmware upload functionality with path traversal flaw. Attackers can exploit the upload.cgi script to write malicious files to the system with www-data permissions, enabling unauthorized access and code execution.

Deeper analysis [AI]

CVE-2022-50796 is an unauthenticated remote code execution vulnerability affecting SOUND4 IMPACT, FIRST, PULSE, and Eco devices running firmware versions 2.x and below. The issue stems from a path traversal flaw (CWE-22) in the firmware upload functionality, specifically the upload.cgi script, which allows attackers to write arbitrary files to the system with www-data permissions.

Attackers with network access can exploit this vulnerability without authentication, privileges, or user interaction, requiring only low attack complexity. Successful exploitation grants unauthorized access and enables remote code execution, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), resulting in high confidentiality, integrity, and availability impacts.

Advisories detailing the vulnerability and potential mitigations are available from sources including IBM X-Force Exchange, Packet Storm Security, VulnCheck, and Zero Science Labs. The vendor website at sound4.com is also referenced for further information.

Details

CWE(s)

Affected Products

Vendor | Product | Version(s)
sound4 | impact firmware | 1.69, 2.15
sound4 | pulse firmware | 1.69, 2.15
sound4 | first firmware | 1.69, 2.15
sound4 | impact eco firmware | 1.16
sound4 | pulse eco firmware | 1.16
sound4 | big voice4 firmware | 1.2
sound4 | big voice2 firmware | 1.30
sound4 | wm2 firmware | 1.11
sound4 | stream extension | 2.4.29

CVEs Like This One

CVE-2023-53955 (Same product: Sound4 Big Voice2)
CVE-2023-53960 (Same product: Sound4 Big Voice2)
CVE-2023-53964 (Same product: Sound4 Big Voice2)
CVE-2022-50794 (Same product: Sound4 Big Voice2)
CVE-2022-50696 (Same product: Sound4 Big Voice2)
CVE-2023-53963 (Same product: Sound4 Big Voice2)
CVE-2022-50793 (Same product: Sound4 Big Voice2)
CVE-2023-53966 (Same vendor: Sound4)
CVE-2025-57431 (Same vendor: Sound4)
CVE-2024-36512 (Shared CWE-22)

References