إرسال #510955: i-DRIVE Dashcam i11, i12 Improper Access Control for Register Interfaceالمعلومات

عنوانi-DRIVE Dashcam i11, i12 Improper Access Control for Register Interface
الوصفManaging Settings to Obtain Sensitive Data and Sabotaging Car Battery - An attacker can remotely access and read the dashcam’s settings and configuration, exposing sensitive car and driver information. Additionally, they can manipulate device settings, such as lowering the volume to mask remote activity. Spoofing the MAC address of the paired device, an attacker can disable battery protection, potentially draining the vehicle's battery when parked. Further actions include deleting recorded footage, discreetly disabling recording, or performing a factory reset, effectively erasing critical evidence.
المصدر⚠️ https://github.com/geo-chen/i-Drive
المستخدم
 geochen (UID 78995)
ارسال27/02/2025 05:01 PM (1 سنة منذ)
الاعتدال03/03/2025 01:25 PM (4 days later)
الحالةتمت الموافقة
إدخال VulDB298196 [i-Drive i11/i12 حتى 20250227 Device Setting تنفيذ التعليمات البرمجية عن بُعد]
النقاط20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!