CNNVD-202508-471 Information

CNNVD ID

CNNVD-202508-471

Related CVE

CVE-2025-8655

• CNNVD Published: 2025-08-06

Description (Chinese)

Kenwood DMX958XR是Kenwood公司的一款车载信息娱乐系统。 Kenwood DMX958XR存在操作系统命令注入漏洞，该漏洞源于固件更新过程未正确验证用户提供的字符串，可能导致远程代码执行。

Description (English)

Kenwood DMX958XR is a vehicle-borne information entertainment system for Kenwood. Kenwood DMX958XR has a bug in the operating system command, which stems from the fact that the solidware update process did not correctly verify the string provided by the user, which may result in remote code execution.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Kenwood

Published

2025-08-06

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-803/