CVE-2025-30106

High CVSS: 8.8

On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device's network to perform sniffing.

Vendor

Product

CWE

CWE-259

Yayın Tarihi

2025-03-18 14:15:46

Güncelleme

2025-03-21 17:15:40

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-259 HIGH 2025

Referanslar

https://github.com/geo-chen/IROAD-V https://iroad-dashcam.nl/iroad/iroad-x5/