CVE-2025-30111

High CVSS: 7.5

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication.

Vendor

Product

CWE

CWE-306

Yayın Tarihi

2025-03-18 15:16:02

Güncelleme

2025-03-24 22:15:14

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-306 HIGH 2025

Referanslar

https://github.com/geo-chen/IROAD-V https://iroad-dashcam.nl/iroad/iroad-x5/