CNNVD-202508-467 Information

CNNVD ID

CNNVD-202508-467

Related CVE

CVE-2025-8651

• CNNVD Published: 2025-08-06

Description (Chinese)

Kenwood DMX958XR是Kenwood公司的一款车载信息娱乐系统。 Kenwood DMX958XR存在操作系统命令注入漏洞，该漏洞源于JKWifiService未正确验证用户提供的字符串，可能导致远程代码执行。

Description (English)

Kenwood DMX958XR is a vehicle-borne information entertainment system for Kenwood. Kenwood DMX958XR has an operational system command leak that originates from JKWifiService ’ s incorrect validation of a string provided by the user, which may lead to remote code execution.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Kenwood

Published

2025-08-06

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-799/