Отправить #603301: BlackVue Dashcam 590X Improper Access ControlsИнформация

НазваниеBlackVue Dashcam 590X Improper Access Controls
ОписаниеDescription: An attacker can upload malicious code or even malware via the following endpoint that's open without any authentication once within network: http://10.99.77.1/upload.cgi Vulnerability Type: Incorrect Access Control Vendor of Product: BlackVue Affected Product Code Base: BlackVue Dashcam 590X Affected Component: Upload mechanism Attack Type: Remote Impact Code execution: True Impact Information Disclosure: True Attack Vectors: A remote attacker can upload malware onto the dashcam via an unauthenticated upload endpoint on the dashcam's http server. Has vendor confirmed or acknowledged the vulnerability?: Yes
Источник⚠️ https://github.com/geo-chen/BlackVue/blob/main/README.md#finding-1-unauthenticated-upload-endpoint-on-http
Пользователь
 geochen (UID 78995)
Представление24.06.2025 16:15 (10 месяцы назад)
Модерация05.07.2025 10:10 (11 days later)
Статуспринято
Запись VulDB314989 [BlackVue Dashcam 590X до 20250624 HTTP Endpoint /upload.cgi эскалация привилегий]
Баллы20

ПредыдущийОбзорДалее

Want to know what is going to be exploited?

We predict KEV entries!