CVE-2025-30142

HIGH Year: 2025
CVSS v3 Score
8.1
High
Weakness Type
CWE-290
View all →

Vulnerability Description

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.

Related Vulnerabilities

CVE-2017-16897

HIGH
CVSS:8.1(High)

A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate thei...

CWE-2902017

CVE-2020-2002

HIGH
CVSS:8.1(High)

An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distri...

CWE-2902020

CVE-2022-0030

HIGH
CVSS:8.1(High)

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impers...

CWE-2902022

CVE-2022-30319

HIGH
CVSS:8.1(High)

Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected...

CWE-2902022

CVE-2022-32747

HIGH
CVSS:8.1(High)

A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the loca...

CWE-2902022