2 matches found
CVE-2025-8649
Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific...
CVE-2025-8649
CVE-2025-8649 affects Kenwood DMX958XR, specifically the JKWifiService . The vulnerability stems from insufficient validation of a user-supplied string before it is used to execute a system call, allowing a local attacker with physical access to run code as root. Reports indicate a command inject...