CVE-2025-30141
Published: 18 March 2025
Description
An adversary can leverage a computer's peripheral devices (e.
Security Summary
CVE-2025-30141 is a vulnerability in G-Net Dashcam BB GONX devices that exposes API endpoints on ports 9091 and 9092, enabling remote access to recorded video footage and live video streams. Attackers can retrieve all stored recordings in JDR format and convert them to MP4, while port 9092 provides an RTSP stream for real-time video extraction without the owner's knowledge. The issue, published on 2025-03-18, carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and maps to CWE-284 (Improper Access Control).
An attacker with network access to the dashcam can exploit this vulnerability without authentication or user interaction. Exploitation allows complete dumping of historical video recordings and unauthorized viewing of live feeds, resulting in high confidentiality impact on potentially sensitive footage from the device.
References point to a GitHub repository at https://github.com/geo-chen/GNET, which demonstrates the issue, and the vendor product page at https://www.gnetsystem.com/eng/product/list?viewMode=view&idx=246&ca_id=0201. No advisories or patches detailing mitigation steps are specified in the available information.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Exposed API endpoints on ports 9091/9092 enable remote file and directory listing and dumping of stored video footage from the local SD card (T1083, T1005, T1025), as well as access to the live RTSP video stream (T1125).