CVE-2025-30132
Published: 18 March 2025
Description
Adversaries may steal data by exfiltrating it over an existing command and control channel.
Security Summary
CVE-2025-30132 is a high-severity vulnerability (CVSS 9.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) affecting IROAD Dashcam V devices, classified under CWE-284 (Improper Access Control). The devices use a public domain name as an internal domain, and that name is unregistered and not owned by IROAD. Because the firmware or related services may attempt to resolve the name over the public Internet rather than locally, this misconfiguration exposes the devices to hijacking of the domain's resolution.
Any remote attacker without privileges can exploit this vulnerability by registering the unowned domain name. Once registered, the attacker can intercept sensitive traffic from the dashcam, enabling man-in-the-middle attacks or data exfiltration. The low attack complexity and lack of user interaction requirements make it highly practical for widespread exploitation against exposed devices.
The vulnerability was disclosed by researcher geo-chen via GitHub repositories at https://github.com/geo-chen/IROAD-V and https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-6-public-domain-used-for-internal-domain-name, which detail the finding. No official advisories, patches, or mitigation guidance from IROAD are referenced in the available information.
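An added example, not code from the researcher's repositories or from IROAD: a Python audit that pulls hostnames out of device configuration text and flags any that sit in public, registrable namespace outside an owned-domain list, which is the condition this CVE describes. The sample text, the owned-domain list and the use of `example.com` as a stand-in for the unowned name are assumptions; this page does not give the actual domain.

```python
import ipaddress
import re

# Names never delegated publicly: RFC 2606/6761, RFC 6762 (local),
# RFC 8375 (home.arpa), ICANN-reserved private-use TLD "internal".
RESERVED = ("test", "example", "invalid", "localhost", "local",
            "home.arpa", "internal")

# Hostnames taken from URLs and from host/server/domain assignments.
CANDIDATE_RE = re.compile(
    r"(?:[a-z][a-z0-9+.-]*://|(?:host|server|domain)\s*[=:]\s*)([a-z0-9.-]+)",
    re.IGNORECASE)

# Constructed sample, not taken from IROAD firmware. example.com stands in
# for the unowned public name, which this page does not give.
SAMPLE = """\
stream=rtsp://192.168.10.1/live
upload_url=http://cam.example.com:8080/api
ntp_server=time.cam.home.arpa
server = cdn.example.net
host: dashcam.local
"""

def _under(name, suffix):
    return name == suffix or name.endswith("." + suffix)

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def classify(name, owned_domains):
    """Return 'reserved', 'owned', or 'review' (public name: check ownership)."""
    if any(_under(name, s) for s in RESERVED):
        return "reserved"
    if any(_under(name, d.lower()) for d in owned_domains):
        return "owned"
    return "review"

def audit(text, owned_domains):
    """Map each non-IP hostname found in text to its classification."""
    names = (m.lower().strip(".") for m in CANDIDATE_RE.findall(text))
    return {n: classify(n, owned_domains) for n in names if n and not _is_ip(n)}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE, ["example.net"]).items():
        print(f"{verdict:9} {host}")
```

Names reported as `review` need a registration and ownership check before the firmware ships; moving internal names under a reserved namespace such as `home.arpa` removes the dependency on public resolution.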
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability allows an attacker to hijack resolution by registering the domain, which directly enables traffic interception for Adversary-in-the-Middle (T1557) and data exfiltration over the resulting channel (T1041).