| عنوان | 70mai Dashcam 1S Authentication Bypass by Primary Weakness |
|---|
| الوصف | Bypass Device Pairing of 70mai Dashcam 1S
From the official 70mai mobile app, a user needs to perform authorization by clicking on the physical power button in order to connect to the dashcam’s network. However, by connecting to the dashcam’s network and directly accessing the API on port 80 and RTSP on port 554, an attacker can bypass the device authorization mechanism that requires a user to physically press on the power button during connection. |
|---|
| المصدر | ⚠️ https://github.com/geo-chen/70mai?tab=readme-ov-file#finding-1-bypass-device-pairing-of-70mai-dashcam-1s |
|---|
| المستخدم | geochen (UID 78995) |
|---|
| ارسال | 16/03/2025 01:48 AM (1 سنة منذ) |
|---|
| الاعتدال | 21/03/2025 07:26 AM (5 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 300566 [70mai Dashcam 1S Pairing توثيق ضعيف] |
|---|
| النقاط | 20 |
|---|