CNNVD-202508-085 Information

CNNVD ID

CNNVD-202508-085

Related CVE

CVE-2025-8473

• CNNVD Published: 2025-08-01

Description (Chinese)

Alpine iLX-507是美国Alpine公司的一个多媒体接收器。 Alpine iLX-507存在操作系统命令注入漏洞，该漏洞源于UPDM_wstpCBCUpdStart函数缺少输入验证，可能导致命令注入。

Description (English)

Alpine iLX-507 is a multimedia receiver for Alpine, United States. Alpine iLX-507 has an operational system command-injecting loophole, which stems from the lack of input validation for the UPDM wstpCBCUPDStart function, which may lead to the injection of the command.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Alpine

Published

2025-08-01

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-762/