How severe is CVE-2025-2346?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.6 out of 10.

What type of vulnerability is CVE-2025-2346?

This is classified as CWE-345, which is a common weakness in software security.

CVE-2025-2346 - MEDIUM Severity | CVSS 5.6

Vulnerability Description

A vulnerability has been found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308 and classified as problematic. This vulnerability affects unknown code of the component Domain Handler. The manipulation of the argument Domain Name leads to origin validation error. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

Related Vulnerabilities

CVE-2024-28251

MEDIUM

CVSS:5.6(Medium)

Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this...

CWE-3452024

CVE-2019-10157

MEDIUM

CVSS:5.5(Medium)

It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use thi...

CWE-3452019

CVE-2020-14122

MEDIUM

CVSS:5.5(Medium)

Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.

CWE-3452020

CVE-2020-23906

MEDIUM

CVSS:5.5(Medium)

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.

CWE-3452020

CVE-2020-9885

MEDIUM

CVSS:5.5(Medium)

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchO...

CWE-3452020

CVE-2021-22419

MEDIUM

CVSS:5.5(Medium)

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.

CWE-3452021