| 제목 | 70mai dashcam M300 Improper Authentication |
|---|
| 설명 | Unauthenticated Live Video Stream
Once connected to the network of 70mai Dashcam M300, an attacker can remotely access the live stream of the dashcam without authentication using the rtsp port:
rtsp://192.168.0.1:554/livestream/12
A remote attacker nearby can connect to the dashcam to view livestream without the dashcam owner's knowledge (no voice guidance or sounds triggered). |
|---|
| 원천 | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-6-unauthenticated-live-video-stream |
|---|
| 사용자 | geochen (UID 78995) |
|---|
| 제출 | 2025. 06. 11. PM 05:21 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 06. 23. PM 04:11 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 313645 [70mai M300 까지 20250611 RTSP Live Video Stream Endpoint /livestream/12 약한 인증] |
|---|
| 포인트들 | 19 |
|---|