| Titel | 70mai dashcam Dash Cam 1S Configuration |
|---|
| Beschreibung | Unauthorised Configuration Change - Once connected to the network of 70mai Dashcam 1S, an attacker can make unauthorised configuration changes to the dashcam and even sabotage the car battery to drain it by disabling the battery protection settings:
curl -s "http://x.x.x.x/cgi-bin/Config.cgi?action=set&property=Camera.Menu.<REDACTED>
A remote attacker nearby connected to the dashcam can make unauthorised changes to the dashcam's configurations without alerting the dashcam owner or pressing any physical pairing button on the dashcam. |
|---|
| Quelle | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change |
|---|
| Benutzer | geochen (UID 78995) |
|---|
| Einreichung | 11.06.2025 17:18 (vor 10 Monaten) |
|---|
| Moderieren | 23.06.2025 16:11 (12 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 313642 [70mai 1S bis 20250611 Configuration Config.cgi?action=set erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|