An SQL injection attempt was made by my Sonoe One (10.0.0.40:1400) - should I worry?

  • 23 March 2019
  • 3 replies
  • 413 views

Badge
I have had my Sonos system installed for about one month. All working as expected and I am happily showing off my system to friends.

Today for the first time, my internet security software (Bitdefender Internet Protection 2019) is reporting that an Exploit attempt was blocked
March 21 at 2:05 PM. Feature: Online Threat Prevention.

"An SQL injection attempt was made by 10.0.0.40:1400. We blocked the connection to prevent the attacker from tampering with sensitive data"

The image attached shows that 10.0.0.40 is my Sonos:One

Is this a problem ? Assistance appreciated.

This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.

3 replies

Userlevel 7
Badge +22
I'd suggest contacting Sonos support and see what they say, try one of the contact page options that offers 24x7 support or contact them when they are open via phone.
It sounds like a false positive. Port 1400 is simply the control port. I would just allow all traffic to sonos.exe.
Badge
I experienced exactly the same scenario today, also with Bitdefender