CVE-2022-50788 MEDIUM

CVE-2022-50788: SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Information Disclosure via Log Directory

Vendor Sound4 Ltd.
Product Impact/Pulse/First
Weakness CWE-548 · Directory listing
Published December 30, 2025
Last update January 5, 2026

CVSS base score

6.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directory to retrieve system and sensitive information without authentication.

Key dates

02Disclosure timeline

December 30, 2025 CVE published
January 5, 2026 Record updated