SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a cross site request forgery vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an authorization bypass due to an insecure direct object reference vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffers from an insufficient session expiration vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allows an unauthenticated attacker to disconnect the current monitoring user from listening/monitoring and takeover the radio stream on a specific channel.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password SQL injection vulnerability that allows for authentication bypass.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username SQL injection vulnerability that allows for authentication bypass.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allow an unauthenticated attacker to send network signals to an arbitrary target host that can be abused in an ICMP flooding attack. This includes…

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a hardcoded credential vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated directory traversal file write vulnerability.

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username persistent cross site scripting vulnerability.