| 标题 | 70mai dashcam Dash Cam 1S Configuration |
|---|
| 描述 | Unauthorised Configuration Change - Once connected to the network of 70mai Dashcam 1S, an attacker can make unauthorised configuration changes to the dashcam and even sabotage the car battery to drain it by disabling the battery protection settings:
curl -s "http://x.x.x.x/cgi-bin/Config.cgi?action=set&property=Camera.Menu.<REDACTED>
A remote attacker nearby connected to the dashcam can make unauthorised changes to the dashcam's configurations without alerting the dashcam owner or pressing any physical pairing button on the dashcam. |
|---|
| 来源 | ⚠️ https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change |
|---|
| 用户 | geochen (UID 78995) |
|---|
| 提交 | 2025-06-11 17時18分 (11 月前) |
|---|
| 管理 | 2025-06-23 16時11分 (12 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 313642 [70mai 1S 直到 20250611 Configuration Config.cgi?action=set 权限提升] |
|---|
| 积分 | 20 |
|---|