All intelligence
// vulnerability record
live · NVDCVE-2025-30111
HIGHpublished 2025-03-18 15:16 UTC · 1 year ago · modified 2026-06-17 09:08 UTC
7.5
CVSS / 10
// description
On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
// weaknesses (CWE)
- CWE-306