Lucene search
K

341 matches found

NVD
NVD
added 2025/03/18 3:16 p.m.11 views

CVE-2025-30117

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...

7.3CVSS0.00347EPSS
Exploits0References2
NVD
NVD
added 2025/03/18 3:16 p.m.8 views

CVE-2025-30114

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...

9.1CVSS0.00417EPSS
Exploits0References2
NVD
NVD
added 2025/03/18 3:16 p.m.8 views

CVE-2025-30115

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password "qwertyuiop", which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network...

9.8CVSS0.00413EPSS
Exploits0References2
NVD
NVD
added 2025/03/18 3:16 p.m.16 views

CVE-2025-30113

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...

9.8CVSS0.00413EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/18 12:0 a.m.7 views

CVE-2025-30116

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...

7.5AI score0.00508EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.6 views

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in Forvia Hella HELLA Driving Recorder DR 820, which stems from a device pairing mechanism that relies only on the MAC address of the connected device, allowing an attacker to bypass...

9.1CVSS6.9AI score0.00417EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/18 12:0 a.m.8 views

CVE-2025-30117

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...

6.6AI score0.00347EPSS
Exploits0References2
CVE
CVE
added 2025/03/18 12:0 a.m.47 views

CVE-2025-30116

CVE-2025-30116 affects the Forvia Hella HELLA Driving Recorder DR 820. A vulnerability allows remote attackers to dump recorded video footage from the SD card via port 9091 and to stream the live video feed via port 9092 by bypassing the challenge–response authentication. Attack requires network ...

7.5CVSS7AI score0.00508EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.6 views

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in Forvia Hella HELLA Driving Recorder DR 820 that stems from the use of a fixed default SSID and password that cannot be modified by the user, allowing unauthorized access to the device...

9.8CVSS6.8AI score0.00413EPSS
Exploits0References3
CVE
CVE
added 2025/03/18 12:0 a.m.50 views

CVE-2025-30117

The CVE-2025-30117 entry concerns the Forvia Hella HELLA Driving Recorder DR 820. After bypassing device pairing, unauthorized remote access can obtain sensitive user/vehicle data via the settings interface. The root cause is the ability to bypass pairing and access settings, enabling manipulatio...

7.3CVSS6.1AI score0.00347EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/03/18 12:0 a.m.51 views

CVE-2025-30114

CVE-2025-30114 affects the Forvia Hella HELLA Driving Recorder DR 820. The issue is a weakness in the pairing mechanism that relies solely on the connecting device’s MAC address, allowing an attacker to bypass authentication by scanning and spoofing the MAC address, potentially gaining full acces...

9.1CVSS7AI score0.00417EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.5 views

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in the Forvia Hella HELLA Driving Recorder DR 820, which originated from a vulnerability that allows remote attackers to access and download recorded video via port 9091, and stream...

7.5CVSS7AI score0.00508EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/18 12:0 a.m.5 views

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in Forvia Hella HELLA Driving Recorder DR 820, which stems from the use of hard-coded credentials on ports 9091 and 9092 in the APK, which allows an attacker to gain unauthorized access t...

9.8CVSS6.9AI score0.00413EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.18 views

CVE-2025-30117

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...

0.00347EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.13 views

CVE-2025-30115

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password "qwertyuiop", which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network...

0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.14 views

CVE-2025-30114

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...

0.00417EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/06 12:52 a.m.10 views

CVE-2022-3130

A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

9.8CVSS7.3AI score0.00786EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2025/01/14 12:20 p.m.10 views

Insurance company accused of using secret software to illegally collect and sell location data on millions of Americans

Insurance company Allstate and its subsidiary Arity unlawfully collected, used, and sold data about the location and movement of Texans’ cell phones through secretly embedded software in mobile apps, according to Texas Attorney General Ken Paxton. Attorney General Paxton says the companies didn't...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/18 5:48 a.m.2 views

N-LINE vulnerable to HTML injection

Overview N-LINE provided by NEUMANN CO.LTD. is an online learning management system for driving schools. N-LINE processes inputs with insufficient check CWE-94, and malicious inputs from an student's device may badly impact the instructor's screen. Ayato Shitomi of Fore-Z co.ltd reported this...

7.4CVSS6.8AI score0.00219EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/18 12:0 a.m.15 views

JVN#57285747: N-LINE vulnerable to HTML injection

N-LINE provided by NEUMANN CO.LTD. is an online learning management system for driving schools. N-LINE processes inputs with insufficient check CWE-94, and malicious inputs from an student's device may badly impact the instructor's screen. Impact Arbitrary code may be executed on the instructor's...

7.4CVSS7.1AI score0.00219EPSS
Exploits0
Rows per page
Query Builder