| عنوان | i-DRIVE Dashcam i11, i12 Improper Access Controls |
|---|
| الوصف | Remotely Dump Video Footage and Live Video Stream - An attacker with network access can remotely enumerate all video recordings stored on the dashcam’s SD card via port 9091. These recordings can then be converted from JDR to MP4 format. Additionally, by opening a secondary socket to port 9092 and successfully validating the challenge-response key, an attacker can stream live footage. Extracted recordings may contain sensitive information, including location data. |
|---|
| المصدر | ⚠️ https://github.com/geo-chen/i-Drive |
|---|
| المستخدم | geochen (UID 78995) |
|---|
| ارسال | 27/02/2025 04:58 PM (1 سنة منذ) |
|---|
| الاعتدال | 03/03/2025 01:25 PM (4 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 298195 [i-Drive i11/i12 حتى 20250227 Video Footage/Live Video Stream تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|