CVE-2025-30113

Critical CVSS: 9.8

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These credentials, stored in cleartext, can be exploited by an attacker who gains access to the dashcam's network.

Vendor

Hella

Product

Dr 820 Firmware

CWE

CWE-798

Yayın Tarihi

2025-03-18 15:16:02

Güncelleme

2025-05-22 19:51:06

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-798 Dr 820 Firmware CRITICAL Hella 2025

Referanslar

https://github.com/geo-chen/Hella https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26

Benzer Kayıtlar

Critical

CVE-2025-30114

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pa…

Critical

CVE-2025-30115

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It use…

High

CVE-2025-30116

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Liv…

High

CVE-2025-30117

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Dat…