| عنوان | SAFECAM dashcam X300 Plaintext Password in Configuration File |
|---|
| الوصف | Same Default Credentials with Hardcoded FTP Credentials in APK
The SAFECAM X300 dashcam ships with identical default credentials for all devices. This allows attackers to use the same credentials to connect to any SAFECAM X3 dashcams with default settings, within range, enabling unauthorized access to multiple devices. An attacker can then connect to the dashcam's FTP server using hardcoded FTP credentials found in the mobile app (Viidure v2.1.1.250317) and remotely download all recorded video footage, exposing sensitive data. |
|---|
| المصدر | ⚠️ https://github.com/geo-chen/SAFECAM |
|---|
| المستخدم | geochen (UID 78995) |
|---|
| ارسال | 11/06/2025 05:28 PM (10 أشهر منذ) |
|---|
| الاعتدال | 01/07/2025 07:46 AM (20 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 314488 [SAFECAM X300 حتى 20250611 FTP Service الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|