Invia #510952: i-DRIVE Dashcam i11, i12 Improper Access Controlsinformazioni

Titoloi-DRIVE Dashcam i11, i12 Improper Access Controls
DescrizioneRemotely Dump Video Footage and Live Video Stream - An attacker with network access can remotely enumerate all video recordings stored on the dashcam’s SD card via port 9091. These recordings can then be converted from JDR to MP4 format. Additionally, by opening a secondary socket to port 9092 and successfully validating the challenge-response key, an attacker can stream live footage. Extracted recordings may contain sensitive information, including location data.
Fonte⚠️ https://github.com/geo-chen/i-Drive
Utente
 geochen (UID 78995)
Sottomissione27/02/2025 16:58 (1 Anno fa)
Moderazione03/03/2025 13:25 (4 days later)
StatoAccettato
Voce VulDB298195 [i-Drive i11/i12 fino a 20250227 Video Footage/Live Video Stream escalationi di privilegi]
Punti20

Do you know our Splunk app?

Download it now for free!