| タイトル | 70mai dash cam Omni X200 Improper Access Controls |
|---|
| 説明 | Exposed Root Password via Unauthenticated HTTP Server
The 70mai Dashcam Omni X200 has port 80 open without authentication such that an attacker connecting to the dashcam's network via default credentials can access all files on it.
A remote attacker nearby connected to the dashcam's network can access all files on the web server without going through authentication or device pairing and can obtain the root password. |
|---|
| ソース | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-10-exposed-root-password-via-unauthenticated-http-server |
|---|
| ユーザー | geochen (UID 78995) |
|---|
| 送信 | 2025年10月10日 06:47 (8 月 ago) |
|---|
| モデレーション | 2025年10月19日 04:39 (9 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 329022 [70mai X200 迄 20251010 HTTP Web Server リモートコード実行] |
|---|
| ポイント | 19 |
|---|