| タイトル | 70mai dashcam Dash Cam 1S Configuration |
|---|
| 説明 | Unauthorised Configuration Change - Once connected to the network of 70mai Dashcam 1S, an attacker can make unauthorised configuration changes to the dashcam and even sabotage the car battery to drain it by disabling the battery protection settings:
curl -s "http://x.x.x.x/cgi-bin/Config.cgi?action=set&property=Camera.Menu.<REDACTED>
A remote attacker nearby connected to the dashcam can make unauthorised changes to the dashcam's configurations without alerting the dashcam owner or pressing any physical pairing button on the dashcam. |
|---|
| ソース | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change |
|---|
| ユーザー | geochen (UID 78995) |
|---|
| 送信 | 2025年06月11日 17:18 (10 月 ago) |
|---|
| モデレーション | 2025年06月23日 16:11 (12 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 313642 [70mai 1S 迄 20250611 Configuration Config.cgi?action=set 特権昇格] |
|---|
| ポイント | 20 |
|---|