External risk intelligence

Sonicverse Radio Streaming: Server-Side Request Forgery.

CVE advisory

Severity: CRITICAL (CVSS 9.9)

CVE-2026-40089

Sonicverse Radio Audio Streaming Stack installations using the provided script are affected by a vulnerability in the dashboard's API client. An authenticated operator can exploit this flaw to make unauthorized HTTP requests from the dashboard backend, potentially exposing internal or external systems and increasing bu

Halo Surface Signal (score: 4)

Weakness: Server-Side Request Forgery

Affected product: Sonicverse Radio Audio Streaming Stack

Affected versions: before 1.7.2

External exposure likelihood

Halo Surface Signal score for CVE-2026-40089

The product is a self-hosted, web-based dashboard for radio streaming. Dashboards of this kind are management interfaces and are often placed on the internet or at the network edge so that operators can administer streams remotely, which puts the vulnerable API client within reach of anyone who can obtain or abuse an operator account.

Horizon Alert

Summary of the vulnerability and why it matters

The Sonicverse Radio Audio Streaming Stack, when deployed with the provided installation script, contains a Server-Side Request Forgery flaw in the dashboard's API client. The client does not adequately validate user-controlled URLs, so an authenticated operator can make the dashboard backend issue HTTP requests to destinations of the operator's choosing, including internal systems that the dashboard host can reach but the operator could not reach directly.

  • Vulnerable component: Dashboard API client
  • Core weakness: Insufficient URL validation
  • Main business impact: Unauthorized requests from the dashboard backend to internal or external systems

Attack Path

How an attacker could exploit the issue

The Server-Side Request Forgery (SSRF) flaw in the dashboard's API client lets an authenticated operator make the backend issue arbitrary HTTP requests. Because those requests originate from the dashboard host, they reach whatever that host can reach: internal services on the organization's network, instance metadata endpoints if the dashboard runs on a cloud instance (a common SSRF target in general, not something the advisory specifically claims for this product), or external services. Possible outcomes include reading internal resources the operator is not entitled to and using the backend as a relay against other systems.

  • Exposure condition: Dashboard is accessible.
  • Attacker starting point: Authenticated operator.
  • Trigger and result: A crafted URL submitted to the API client is fetched by the backend; the response, or the side effect of the request, gives the operator unauthorized access.

Live Threat

Current exploitation, exposure, and threat context

The vulnerability affects Sonicverse Radio Audio Streaming Stack installations created with the provided install script. Exploitation requires only an operator account and a specially crafted URL; no memory corruption or race condition is involved, so the attacker skill required is low. The advisory does not report in-the-wild exploitation, but the combination of low skill, a management dashboard that is often internet-facing, and a backend that can reach internal systems makes the business risk high.

  • Attacker skill: Low
  • Access: Authenticated operator
  • Business risk: High

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

The issue stems from insufficient validation of user-controlled URLs in the dashboard's API client, which lets an authenticated operator make the backend send requests to internal or external systems. Organizations running the Sonicverse Radio Audio Streaming Stack deployed via the provided install script should act promptly.

  • Identify Sonicverse Radio Audio Streaming Stack assets, in particular instances deployed with the provided install script, and confirm their version.
  • Reduce exposure: restrict dashboard access to trusted networks or a VPN, limit egress from the dashboard host so the backend cannot reach internal ranges or metadata endpoints it does not need, and review which accounts hold operator rights.
  • Upgrade to 1.7.2 or later (the advisory lists versions before 1.7.2 as affected), verify the fixed version is what is actually running, and monitor backend egress for requests to internal, link-local, or otherwise unexpected destinations.
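The following is an added example, not Sonicverse code and not the vendor's fix. It shows the two halves of the operational fix for a CWE-918 flaw of this type: a URL guard that resolves the target and rejects private, loopback, link-local and reserved ranges (beside the kind of substring blocklist that such bugs usually hide behind), and a scan of backend egress logs that applies the same guard after the fact for the monitoring step. The host names, the static DNS answers, the `user=... url=...` log format and the sample log lines are all constructed for the example; the `check_target` and `flag_suspicious` functions are illustrative names, not part of the product.

```python
# Added example, not Sonicverse code: a URL guard of the kind CWE-918 calls
# for, a demonstration of payloads that slip past a naive check, and a scan of
# constructed egress log lines for the detection step. All host names, the log
# format and the DNS answers below are constructed for the example.
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed DNS table standing in for socket.getaddrinfo so the example runs
# offline. The attacker-controlled name resolving to 10.0.0.5 models DNS-based
# SSRF; 8.8.8.8 is just an arbitrary public address for the legitimate host.
STATIC_DNS = {
    "stream.example.com": ["8.8.8.8"],
    "stream.attacker.example": ["10.0.0.5"],
}


def naive_is_safe(url):
    """The substring blocklist a vulnerable client might use (do not copy)."""
    low = url.lower()
    return low.startswith("http") and "127.0.0.1" not in low and "localhost" not in low


def _as_ip_literal(host):
    """Parse dotted, IPv6 and integer-form literals; None if host is a name."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    if host.isdigit():  # http://2130706433/ is 127.0.0.1 to many resolvers
        try:
            return ipaddress.IPv4Address(int(host))
        except ValueError:
            pass
    return None


def is_forbidden_ip(ip):
    """True for loopback, RFC 1918, link-local (cloud metadata), reserved, etc."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:7f00:1 is 127.0.0.1 in disguise
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def check_target(url, resolve=lambda h: STATIC_DNS.get(h, [])):
    """Return (ok, reason, pinned_ip). The caller must connect to pinned_ip and
    send the original Host header (resolving again invites DNS rebinding), and
    must not follow redirects, which would re-run the fetch with an unchecked URL."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("http", "https"):
        return False, "scheme", None
    if parts.username is not None or parts.password is not None:
        return False, "userinfo", None  # http://trusted@evil/ confusion
    host = parts.hostname
    if not host:
        return False, "no-host", None
    literal = _as_ip_literal(host)
    if literal is not None:
        addrs = [literal]
    else:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addrs:
        return False, "unresolved", None
    for ip in addrs:  # every answer must be acceptable, not just the first
        if is_forbidden_ip(ip):
            return False, "forbidden-range", None
    return True, "ok", str(addrs[0])


LOG_RE = re.compile(r"user=(?P<user>\S+) url=(?P<url>\S+)")

# Constructed backend egress log lines in a hypothetical "user=... url=..." format.
SAMPLE_LOG = """\
2026-04-02T10:15:01Z dashboard egress user=op1 url=https://stream.example.com/live.mp3 status=200
2026-04-02T10:15:03Z dashboard egress user=op2 url=http://169.254.169.254/latest/meta-data/ status=200
2026-04-02T10:15:04Z dashboard egress user=op2 url=http://stream.attacker.example/live status=502
"""


def flag_suspicious(log_text, resolve=lambda h: STATIC_DNS.get(h, [])):
    """Return (user, url, reason) for logged egress requests the guard rejects."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if m:
            ok, reason, _ = check_target(m["url"], resolve)
            if not ok:
                hits.append((m["user"], m["url"], reason))
    return hits


if __name__ == "__main__":
    # Payloads that pass the naive check but are stopped by the resolving guard.
    for u in ("http://169.254.169.254/latest/meta-data/", "http://2130706433/",
              "http://[::ffff:7f00:1]/", "http://api.example.com@169.254.169.254/",
              "http://stream.attacker.example/live"):
        print(u, "naive:", naive_is_safe(u), "hardened:", check_target(u)[:2])
    print(flag_suspicious(SAMPLE_LOG))
```

If the dashboard only ever needs to reach a known set of stream or API hosts, an explicit host allowlist in front of `check_target` is stronger than the deny-by-range approach shown here; the range check is what remains when operators legitimately supply arbitrary external URLs.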

Frequently asked questions

What is the Sonicverse Radio Audio Streaming Stack and what is it used for?

Sonicverse Radio Audio Streaming Stack is a self-hosted system designed for live radio streaming. It provides a dashboard interface that allows users to manage and interact with the streaming service.

What is CWE-918 in CVE-2026-40089?

CVE-2026-40089 involves a Server-Side Request Forgery (SSRF) weakness, categorized as CWE-918. This means the software incorrectly validates user-supplied URLs, allowing an attacker to trick the server into making unintended requests to internal or external resources.

How can an attacker trigger the vulnerability in Sonicverse Radio Audio Streaming Stack?

An authenticated operator can exploit the vulnerability by supplying specially crafted URLs to the dashboard's API client. The URLs slip past the client's validation, and the dashboard backend then sends the corresponding HTTP requests on the operator's behalf. The attack requires that the dashboard itself be reachable by the attacker.

Who should be concerned about this Sonicverse vulnerability?

Organizations running the Sonicverse Radio Audio Streaming Stack, especially those where the dashboard is exposed to the internet or acts as an edge service, should be concerned. This product is typically used for management access, making it a potential target.

What are the first steps to address the Sonicverse Radio Audio Streaming Stack vulnerability?

Begin by identifying all instances of the Sonicverse Radio Audio Streaming Stack in your environment, including those deployed with the provided install script. Consider isolating potentially affected systems to reduce immediate risk, and prioritize upgrading to a fixed release (1.7.2 or later, given the affected range of versions before 1.7.2) after verifying it in your environment.
