CVE-2025-2556

CVE-2025-2556 concerns Audi UTR Dashcam 2.0. The vulnerability affects the Video Stream Handler component, where hard-coded credentials enable exploitation within a local network. Public disclosure has occurred. Affected versions: 2.0; mitigations available: upgrade to 2.89 (new customers) or 2.9...

CVE-2025-2556 Audi UTR Dashcam Video Stream hard-coded credentials

A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to hard-coded credentials. The attack can only be initiated within the local network. The exploit h...

Esri ArcGIS Enterprise 信任管理问题漏洞

Esri Portal for ArcGIS is a Web-based geographic information system GIS platform. A hard-coded credentials vulnerability exists in Esri Portal for ArcGIS, which can be exploited by an attacker to gain administrative access to the system...

Audi UTR Dashcam 安全漏洞

Audi UTR Dashcam is a high performance Audi car recorder from Audi Germany. It is used to accurately videotape and record details during driving. A security vulnerability exists in Audi UTR Dashcam version 2.0, which stems from the use of hard-coded credentials by the Video Stream Handler...

Audi Universal Traffic Recorder App 安全漏洞

The Audi Universal Traffic Recorder App is a special app for traffic recorders from Audi, which can be used to connect to a traffic recorder, view previews, lock videos, and other operations. A security vulnerability exists in the Audi Universal Traffic Recorder App version 2.0, which stems from...

CVE-2025-2343

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. Access to the local network is required for this atta...

CVE-2025-2342

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the...

Forvia Hella HELLA Driving Recorder DR 820 安全漏洞

Forvia Hella HELLA Driving Recorder DR 820 is a driving recorder from Forvia. A security vulnerability exists in Forvia Hella HELLA Driving Recorder DR 820, which stems from the use of hard-coded credentials on ports 9091 and 9092 in the APK, which allows an attacker to gain unauthorized access t...

IROAD APK 安全漏洞

The IROAD APK is a mobile application from IROAD that works with the IROAD Car Recorder. A security vulnerability exists in IROAD APK version 5.2.5, which stems from the use of hard-coded credentials on ports 9091 and 9092 in the APK, which could allow an attacker to access the API endpoint and...

IROAD V Series 安全漏洞

IROAD V Series is a series of car recorders from IROAD. The IROAD V Series suffers from a security vulnerability that stems from the use of hard-coded default credentials in the car recorder, which allows an attacker to connect to the device's network within Wi-Fi range to sniff it...

ROADCAM X3 安全漏洞

ROADCAM X3 is a car recorder with HD quality and easy to carry by ROADCAM. It is used to record the process of driving, and supports video cropping, sharing and other functions. ROADCAM X3 suffers from a security vulnerability that originates from the inclusion of hard-coded FTP credentials in th...

CVE-2025-2322

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified as critical. This affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. The manipulation leads to hard-coded credentials. It is...

CVE-2025-2343

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. Access to the local network is required for this atta...

CVE-2025-2343

CVE-2025-2343 affects the IROAD Dash Cam X5 and X6 (up to 20250308). The vulnerability concerns an unknown functionality in the Device Pairing component and is due to hard-coded credentials, enabling access from the local network. The attack vector is listed as adjacent network with high attack c...

CVE-2025-2343 IROAD Dash Cam X5/Dash Cam X6 Device Pairing hard-coded credentials

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. Access to the local network is required for this atta...

CVE-2025-2343 IROAD Dash Cam X5/Dash Cam X6 Device Pairing hard-coded credentials

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. Access to the local network is required for this atta...

CVE-2025-2342

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-2342 IROAD X5 Mobile App API Endpoint hard-coded credentials

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-2342 IROAD X5 Mobile App API Endpoint hard-coded credentials

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2025-2342

CVE-2025-2342 affects the IROAD X5 Mobile App (Android) up to version 5.2.5. The vulnerability targets an unknown function within the API Endpoint component, where manipulation results in hard-coded credentials. This enables a remote attack without user interaction. The incident is publicly discl...