31 matches found
EUVD-2025-6687
Malicious code in bioql PyPI...
EUVD-2025-6685
Malicious code in bioql PyPI...
EUVD-2025-6684
Malicious code in bioql PyPI...
EUVD-2025-6683
Malicious code in bioql PyPI...
EUVD-2025-6686
Malicious code in bioql PyPI...
CVE-2025-30115
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password "qwertyuiop", which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network...
CVE-2025-30117
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...
CVE-2025-30113
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...
CVE-2025-30114
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...
CVE-2025-30116
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...
CVE-2025-30116
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...
CVE-2025-30117
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...
CVE-2025-30114
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...
CVE-2025-30115
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password "qwertyuiop", which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network...
CVE-2025-30113
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These...
CVE-2025-30115
CVE-2025-30115 affects the Forvia Hella HELLA Driving Recorder DR 820. The root cause is the use of fixed default credentials that cannot be changed, including a default SSID and password ("qwertyuiop"), which are continuously broadcast and allow unauthorized access to the device network. The ava...
CVE-2025-30113
CVE-2025-30113 affects the Forvia Hella HELLA Driving Recorder DR 820. The dashcam Android APK stores hardcoded credentials in cleartext, enabling unauthorized access to device settings via network ports 9091 and 9092. Affects the dashcam/app, with root cause described as hardcoded credentials in...
CVE-2025-30116
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...
CVE-2025-30117
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information...
CVE-2025-30116
CVE-2025-30116 affects the Forvia Hella HELLA Driving Recorder DR 820. A vulnerability allows remote attackers to dump recorded video footage from the SD card via port 9091 and to stream the live video feed via port 9092 by bypassing the challenge–response authentication. Attack requires network ...