Submeter #595450: 70mai dashcam M300 Improper Access Controlsinformação

Título70mai dashcam M300 Improper Access Controls
DescriçãoRemotely Upload Malicious Files and Execute Code The 70mai Dashcam M300 has port 23 open with weak authentication such that an attacker connecting to the dashcam's network via default credentials, without needing device-pairing, can upload arbitrary/malicious files or even replace firmware via editing the auto-run script(s). A remote attacker nearby connected to the dashcam's network can write arbitrary code into the dashcam memory or SD, run malicious commands (RCE), or even replace the firmware with a malicious one.
Fonte⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-7-remotely-upload-malicious-files-and-execute-code
Utilizador
 geochen (UID 78995)
Submissão11/06/2025 17h22 (há 10 meses)
Moderação23/06/2025 16h12 (12 days later)
EstadoAceite
Entrada VulDB313646 [70mai M300 até 20250611 Telnet Service Execução remota de código]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!