Question

Sonos Hacked?

  • 23 September 2019
  • 5 replies
  • 228 views

Since I moved in with my Girlfriend I have the feeling someone else is controlling the volume of my Sonos setup. In this I see the level of the Sonos controller going to full volume and back to no volume. I can literally see the level of the volume going up and down.

After the first experience I have completely replaced the network with new cabled network and Synology routers. In the logging of the router I don't see unknown devices entering the network.

It is possible to control the Sonos devices in another way?
How can I detect and prevent this?

5 replies

Userlevel 7
Badge +21
Don't leave out cats and pranksters that are on the local LAN or WiFi.
Userlevel 7
Badge +26
Thx https:///members/airgetlam-7880809 and controlav for the reply.

I will submit the diagnostic when it happens again. I have Sonos connected to Alexa.
Does this create an opening for others to control of the volume?

I did some research I found a python script to use the Sonos api's. Is this a vulnerability?

There's one that's been around for a while on the internet that just makes use of standard UPnP commands that all Sonos players (any most any network IOT device) will follow. For that to work, someone would need to have the device running the script on your network. So on that note, make sure that the wifi credentials aren't open or shared with people you don't trust with that sort of power.

Otherwise, linking to Alexa or other services will be as secure as your Amazon credentials. If someone is logged into your Alexa account, they could send commands to your players from anywhere, technically. But if they're logged in there, you've probably got more things to be concerned about than them changing the volume of your speakers...


Volume going up and down can be caused by malfunctioning remotes, controllers, software, UPnP commands, voice connected services, Airplay, and all sorts of other things. So it's best to start narrowing down access and seeing where that leads you.
Thx https:///members/airgetlam-7880809 and controlav for the reply.

I will submit the diagnostic when it happens again. I have Sonos connected to Alexa.
Does this create an opening for others to control of the volume?

I did some research I found a python script to use the Sonos api's. Is this a vulnerability?
Userlevel 7
Badge +21
Did you link your Sonos account with any services eg Alexa, Google, or something third party? If you did then those services will be able to control your system. Check the Account page on the app to check.
I'd be guessing it's a stuck button on a controller device, rather than an outside influence.

But if you submit a system diagnostic within 10 minutes of experiencing this issue, and either post the number here, or contact Sonos Support to discuss it, they could probably tell you what device is sending the command to change the volume, and help you figure it out.

I usually suggest the phone folks, they have more tools available, but are only available Monday through Friday during business hours. Both the Twitter and Facebook support folks are available 24/7.

There may be information included in the diagnostic that will help Sonos pinpoint the issue and help you find a solution.

Reply