CVE-2025-30142

High CVSS: 8.1

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.

Vendor

Gnetsystem

Product

G-onx Firmware

CWE

CWE-290

Yayın Tarihi

2025-03-18 20:15:26

Güncelleme

2025-07-01 21:04:36

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-290 G-onx Firmware HIGH Gnetsystem 2025

Referanslar

https://github.com/geo-chen/GNET https://www.gnetsystem.com/eng/product/list?viewMode=view&idx=246&ca_id=0201

Benzer Kayıtlar

High

CVE-2025-30140

An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the Internal Domain Name. It…

Medium

CVE-2025-30138

An issue was discovered on G-Net Dashcam BB GONX devices. Managing Settings and Obtaining Sensitive Data and Sabotaging…

Critical

CVE-2025-30139

An issue was discovered on G-Net Dashcam BB GONX devices. Default credentials for SSID cannot be changed. It broadcasts…

High

CVE-2025-30141

An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream.…