| Название | 70mai dashcam Dash Cam 1S Configuration |
|---|
| Описание | Unauthorised Configuration Change - Once connected to the network of 70mai Dashcam 1S, an attacker can make unauthorised configuration changes to the dashcam and even sabotage the car battery to drain it by disabling the battery protection settings:
curl -s "http://x.x.x.x/cgi-bin/Config.cgi?action=set&property=Camera.Menu.<REDACTED>
A remote attacker nearby connected to the dashcam can make unauthorised changes to the dashcam's configurations without alerting the dashcam owner or pressing any physical pairing button on the dashcam. |
|---|
| Источник | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change |
|---|
| Пользователь | geochen (UID 78995) |
|---|
| Представление | 11.06.2025 17:18 (10 месяцы назад) |
|---|
| Модерация | 23.06.2025 16:11 (12 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 313642 [70mai 1S до 20250611 Configuration Config.cgi?action=set эскалация привилегий] |
|---|
| Баллы | 20 |
|---|