← Voltar para CVEs
CVE-2025-55618
HIGH7.3
Descricao
In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in navigation app which then get rendered.
Detalhes CVE
Pontuacao CVSS v3.17.3
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado8/27/2025
Ultima modificacao9/9/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
hyundai:navigation
Fraquezas (CWE)
CWE-79
Referencias
http://hyundai.com(cve@mitre.org)
https://github.com/MatJosephs/CVEs/tree/main/CVE-2025-55618(cve@mitre.org)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.