Sonos Wireless Speaker Products Vulnerable to Unauthorized Access and DNS Rebinding Attack

Sonos Wireless Speaker Products Vulnerable to Unauthorized Access and DNS Rebinding Attack

CVE-2018-11316 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.

Learn more about our Cis Benchmark Audit For Bind.