| 제목 | 70mai dashcam Dash Cam 1S Configuration |
|---|
| 설명 | Unauthorised Configuration Change - Once connected to the network of 70mai Dashcam 1S, an attacker can make unauthorised configuration changes to the dashcam and even sabotage the car battery to drain it by disabling the battery protection settings:
curl -s "http://x.x.x.x/cgi-bin/Config.cgi?action=set&property=Camera.Menu.<REDACTED>
A remote attacker nearby connected to the dashcam can make unauthorised changes to the dashcam's configurations without alerting the dashcam owner or pressing any physical pairing button on the dashcam. |
|---|
| 원천 | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change |
|---|
| 사용자 | geochen (UID 78995) |
|---|
| 제출 | 2025. 06. 11. PM 05:18 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 06. 23. PM 04:11 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 313642 [70mai 1S 까지 20250611 Configuration Config.cgi?action=set 권한 상승] |
|---|
| 포인트들 | 20 |
|---|