CVE-2025-2343

HIGH Year: 2025
CVSS v3 Score
7.5
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-259
View all →

Vulnerability Description

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2019-3908

HIGH
CVSS:7.5(High)

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and ob...

CWE-2592019

CVE-2020-12037

HIGH
CVSS:7.5(High)

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Pa...

CWE-2592020

CVE-2020-5351

HIGH
CVSS:7.5(High)

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious use...

CWE-2592020

CVE-2021-21818

HIGH
CVSS:7.5(High)

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker ca...

CWE-2592021

CVE-2021-28813

HIGH
CVSS:7.5(High)

A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote at...

CWE-2592021

CVE-2022-22144

HIGH
CVSS:7.5(High)

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always ...

CWE-2592022