CVE-2025-30106
Published: 18 March 2025
Description
Adversaries may passively sniff network traffic to capture information about an environment, including authentication material passed over the network.
Security Summary
CVE-2025-30106 is a vulnerability in IROAD v9 dashcam devices stemming from hardcoded default credentials ("qwertyuiop") that cannot be changed by the user. This issue, mapped to CWE-259 (Use of Hard-coded Password), enables unauthorized access to the device's Wi-Fi network. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant confidentiality, integrity, and availability impacts.
An attacker within Wi-Fi range of the affected device can exploit this vulnerability with low complexity and no required privileges or user interaction. By using the hardcoded credentials, the attacker gains network access, allowing them to perform packet sniffing and potentially capture sensitive traffic transmitted over the device's network.
References for this CVE include a GitHub repository at https://github.com/geo-chen/IROAD-V, which details the vulnerability, and a product page at https://iroad-dashcam.nl/iroad/iroad-x5/. The available information includes no advisories or patches that describe mitigations.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Hardcoded default credentials directly enable use of default accounts for unauthorized Wi-Fi access (T1078.001); gained network access facilitates packet sniffing and traffic capture (T1040).