Skip to main content

Sonic Agent

3 CVEs product

Monthly

CVE-2026-15497 MEDIUM POC Monitor

Code injection in SonicCloudOrg sonic-agent through version 2.7.2 allows remote unauthenticated attackers to inject and execute arbitrary code via the ExchangeController endpoint, which bypasses or is excluded from the JWT Authentication Filter. The vulnerability carries a public proof-of-concept exploit named 'Unauth_ExchangeSend', confirming the endpoint is reachable without authentication. Critically, the affected product is end-of-life with no vendor support, and the maintainer did not respond to disclosure - no patch is forthcoming.

Code Injection Java RCE Sonic Agent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2026-15496 LOW POC Monitor

OS command injection in SonicCloudOrg sonic-agent up to version 2.7.2 allows remote low-privileged attackers to execute arbitrary system commands via the evalIsFailed function in the Groovy Script Handler component. The public proof-of-concept - titled 'Unsandboxed_RCE' - confirms that Groovy scripts are executed without a security sandbox, enabling full host-level command execution. Critically, this is an end-of-life product with no vendor response and no patch, meaning no fix is forthcoming; no public exploit identified in CISA KEV at time of analysis, but a public POC exists.

Command Injection Java Sonic Agent
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
1.2%
CVE-2026-15495 LOW POC Monitor

OS command injection in SonicCloudOrg sonic-agent (all versions up to 2.7.2) enables remote code execution through the Android WebSocket Server component. An authenticated remote attacker can manipulate the `path` argument in AndroidWSServer.java to inject arbitrary OS commands on the host running the agent. Publicly available exploit code exists (GitHub PoC by xpp3901), no vendor patch will be issued as the product is end-of-life, and the vendor is unresponsive to disclosure - creating a permanent, unmitigable risk for any active deployment.

Command Injection Java Google Sonic Agent
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
1.5%
EPSS 0% CVSS 5.5
MEDIUM POC Monitor

Code injection in SonicCloudOrg sonic-agent through version 2.7.2 allows remote unauthenticated attackers to inject and execute arbitrary code via the ExchangeController endpoint, which bypasses or is excluded from the JWT Authentication Filter. The vulnerability carries a public proof-of-concept exploit named 'Unauth_ExchangeSend', confirming the endpoint is reachable without authentication. Critically, the affected product is end-of-life with no vendor support, and the maintainer did not respond to disclosure - no patch is forthcoming.

Code Injection Java RCE +1
NVD VulDB GitHub
EPSS 1% CVSS 2.1
LOW POC Monitor

OS command injection in SonicCloudOrg sonic-agent up to version 2.7.2 allows remote low-privileged attackers to execute arbitrary system commands via the evalIsFailed function in the Groovy Script Handler component. The public proof-of-concept - titled 'Unsandboxed_RCE' - confirms that Groovy scripts are executed without a security sandbox, enabling full host-level command execution. Critically, this is an end-of-life product with no vendor response and no patch, meaning no fix is forthcoming; no public exploit identified in CISA KEV at time of analysis, but a public POC exists.

Command Injection Java Sonic Agent
NVD VulDB GitHub
EPSS 2% CVSS 2.1
LOW POC Monitor

OS command injection in SonicCloudOrg sonic-agent (all versions up to 2.7.2) enables remote code execution through the Android WebSocket Server component. An authenticated remote attacker can manipulate the `path` argument in AndroidWSServer.java to inject arbitrary OS commands on the host running the agent. Publicly available exploit code exists (GitHub PoC by xpp3901), no vendor patch will be issued as the product is end-of-life, and the vendor is unresponsive to disclosure - creating a permanent, unmitigable risk for any active deployment.

Command Injection Java Google +1
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy