{"vulnerability": "CVE-2025-3011", "sightings": [{"uuid": "c72ffc3b-0e55-4aad-b486-aef055dc320d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llnk4az4le24", "content": "", "creation_timestamp": "2025-03-31T04:40:20.067607Z"}, {"uuid": "238853d9-508d-46d7-9eb7-ca0fb58391f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114255469489298392", "content": "", "creation_timestamp": "2025-03-31T05:48:28.894801Z"}, {"uuid": "4c010a98-068f-49d8-acb8-7a1b5a5ce5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114255469489298392", "content": "", "creation_timestamp": "2025-03-31T05:48:28.888630Z"}, {"uuid": "abf493bc-6080-489b-b258-7ba4ecccde71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llo2zexp262z", "content": "", "creation_timestamp": "2025-03-31T09:42:57.324303Z"}, {"uuid": "5796323b-a2d6-4fd5-ad07-87bd694018c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30115", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidgw6f2s", "content": "", "creation_timestamp": "2025-03-18T18:13:34.276884Z"}, {"uuid": "6c1d4d74-f5ed-46b6-92f3-57f694317214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30112", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5m6ihw6z2l", "content": "", "creation_timestamp": "2025-03-24T20:34:49.125707Z"}, {"uuid": "e8aa2157-d981-45ca-bfa7-7195cb9f4e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30111", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobibvent26", "content": "", "creation_timestamp": "2025-03-18T18:13:28.005651Z"}, {"uuid": "9eb7b702-9aa8-4550-8c0d-b0f271640880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30114", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidnugm2h", "content": "", "creation_timestamp": "2025-03-18T18:13:35.489745Z"}, {"uuid": "8e66a48c-fe28-4546-9bdc-ddca2c980d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30116", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobickiyn2s", "content": "", "creation_timestamp": "2025-03-18T18:13:29.987257Z"}, {"uuid": "87d1a1ab-3a63-4020-91e3-742a5104095d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30113", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobiduwpv2s", "content": "", "creation_timestamp": "2025-03-18T18:13:36.737415Z"}, {"uuid": "e05e62ef-d657-42fb-a8de-c0f6d47185ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30117", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidyjst2x", "content": "", "creation_timestamp": "2025-03-18T18:13:37.338592Z"}, {"uuid": "7e7178a3-af51-4046-9445-8ab091d535fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30110", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicrxkw26", "content": "", "creation_timestamp": "2025-03-18T18:13:31.220763Z"}, {"uuid": "0c86525f-aa58-4b56-a45c-b5ceeeaf3cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30118", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lla6dgxnqm26", "content": "", "creation_timestamp": "2025-03-25T21:05:02.609635Z"}, {"uuid": "de0c3f36-9290-4a84-8477-527e9a07330d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:57.000000Z"}, {"uuid": "00c00afd-4dea-4553-9f1e-c55699c9d691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30114", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "1c9c4ae1-e19a-4085-b70b-26610b8c0da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "066b44de-4417-4c88-8f76-52969f10c6d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30111", "type": "seen", "source": "https://bsky.app/profile/lbtoday1.bsky.social/post/3ly3mgkjshe2a", "content": "", "creation_timestamp": "2025-09-05T12:01:28.943689Z"}, {"uuid": "c8c42d10-7ca1-422a-b3c3-2744d9febca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30114", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:28.000000Z"}, {"uuid": "ac664ab8-7c2b-41fc-bd8b-ad8f885672dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30111", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8565", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30111\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T21:59:03.152Z\n\ud83d\udd17 References:\n1. https://iroad-dashcam.nl/iroad/iroad-x5/\n2. https://github.com/geo-chen/IROAD-V", "creation_timestamp": "2025-03-24T22:23:45.000000Z"}, {"uuid": "ece47250-8d39-4d31-80d7-e3da67ccdc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30114", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7915", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30114\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the authentication process and gain full access to the dashcam's features without proper authorization.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:36:40.260Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-18T14:50:03.000000Z"}, {"uuid": "b5c7d6e9-9f98-4976-9e8e-bb8febd8bedb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30116", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7913", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30116\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 9092 to stream the live video feed by bypassing the challenge-response authentication mechanism. This exposes sensitive location and personal data.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:36:58.634Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-18T14:50:02.000000Z"}, {"uuid": "a5cf3a22-6136-4187-91f5-4f464b2057c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30115", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7917", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30115\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password (\"qwertyuiop\"), which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:35:48.446Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-18T14:50:08.000000Z"}, {"uuid": "f0c3a470-5ec9-4ba8-b32a-ef63ef241429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30113", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7916", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30113\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These credentials, stored in cleartext, can be exploited by an attacker who gains access to the dashcam's network.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:36:15.171Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-18T14:50:07.000000Z"}, {"uuid": "91949827-2e60-43d2-948b-e1350c38aeb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30117", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7912", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30117\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information through the settings interface. Remote attackers can modify power management settings, disable recording, delete stored footage, and turn off battery protection, leading to potential denial-of-service conditions and vehicle battery drainage.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:37:22.092Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-18T14:50:01.000000Z"}, {"uuid": "38ba113b-1c4f-42e9-8673-8cc6ee2b15fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30110", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8379", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30110\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's pairing mechanism relies solely on MAC address verification, allowing an attacker to bypass authentication by spoofing an already-paired MAC address that can be captured via an ARP scan.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T16:33:30.468Z\n\ud83d\udd17 References:\n1. https://iroad-dashcam.nl/iroad/iroad-x5/\n2. https://github.com/geo-chen/IROAD-V", "creation_timestamp": "2025-03-21T17:19:19.000000Z"}, {"uuid": "300ac55a-81ab-48c6-afd0-6ae51813a34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30118", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30118\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only available connection. The SSID remains broadcast at all times, increasing exposure to potential attacks.\n\ud83d\udccf Published: 2025-03-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T20:05:37.917Z\n\ud83d\udd17 References:\n1. https://github.com/geo-chen/Audi/blob/main/README.md#finding-1---cve-2025-30118-audi-utr-susceptibility-to-dos", "creation_timestamp": "2025-03-25T20:24:28.000000Z"}, {"uuid": "56d3a82a-647a-40c9-810c-d56d9ca76af4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30117", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30117\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information through the settings interface. Remote attackers can modify power management settings, disable recording, delete stored footage, and turn off battery protection, leading to potential denial-of-service conditions and vehicle battery drainage.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:19:25.014Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-25T18:25:01.000000Z"}, {"uuid": "f38ca570-a49f-4fca-bbcf-869519133b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30118", "type": "seen", "source": "https://t.me/cvedetector/21136", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30118 - Audi Universal Traffic Recorder Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30118 \nPublished : March 25, 2025, 8:15 p.m. | 2\u00a0hours, 5\u00a0minutes ago \nDescription : An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only available connection. The SSID remains broadcast at all times, increasing exposure to potential attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T23:40:53.000000Z"}, {"uuid": "41583013-0c66-43ac-babf-33c2be894ae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30116", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8723", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30116\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 9092 to stream the live video feed by bypassing the challenge-response authentication mechanism. This exposes sensitive location and personal data.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:13:44.031Z\n\ud83d\udd17 References:\n1. https://medium.com/@geochen/cve-draft-hella-driving-recorder-dr-820-ff8c4e2cca26\n2. https://github.com/geo-chen/Hella", "creation_timestamp": "2025-03-25T18:25:08.000000Z"}, {"uuid": "85999573-e61d-48f1-9ed3-b8c425d6979a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3011\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.\n\ud83d\udccf Published: 2025-03-31T03:30:48.092Z\n\ud83d\udccf Modified: 2025-03-31T13:00:10.205Z\n\ud83d\udd17 References:\n1. https://www.twcert.org.tw/tw/cp-132-10048-d690c-1.html\n2. https://www.twcert.org.tw/en/cp-139-10049-394bd-2.html", "creation_timestamp": "2025-03-31T13:31:20.000000Z"}, {"uuid": "e56c4a07-ea15-4451-abbc-a3e7ca37aa4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "https://t.me/cvedetector/21538", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3011 - PiExtract SOOP-CLM SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3011 \nPublished : March 31, 2025, 4:15 a.m. | 27\u00a0minutes ago \nDescription : SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T07:28:38.000000Z"}, {"uuid": "d66a502a-df40-450e-a883-eb8948426628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30115", "type": "seen", "source": "https://t.me/cvedetector/20581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30115 - Forvia Hella HELLA Driving Recorder DR 820 Default Credentials Hardcoded Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30115 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password (\"qwertyuiop\"), which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the device network. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:17.000000Z"}, {"uuid": "875df9ab-ddef-4e36-9469-b232ae8b2708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30113", "type": "seen", "source": "https://t.me/cvedetector/20580", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30113 - Forvia Hella HELLA Driving Recorder DR 820 Hardcoded Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30113 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and 9092. These credentials, stored in cleartext, can be exploited by an attacker who gains access to the dashcam's network. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:16.000000Z"}, {"uuid": "ec90abf1-a784-4f9a-adbf-8d394a1868aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30111", "type": "seen", "source": "https://t.me/cvedetector/20579", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30111 - IROAD Dashcam Unauthenticated Video Footage and Live Stream Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-30111 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:16.000000Z"}, {"uuid": "c65cae43-a05f-4d73-af0e-7b60a357c500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30114", "type": "seen", "source": "https://t.me/cvedetector/20585", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30114 - Forvia Hella HELLA Driving Recorder DR 820 Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-30114 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the authentication process and gain full access to the dashcam's features without proper authorization. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:24.000000Z"}, {"uuid": "a6d45af0-4868-4688-ac52-6cd01d275073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30117", "type": "seen", "source": "https://t.me/cvedetector/20583", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30117 - Forvia Hella HELLA Driving Recorder DR 820 Authentication Bypass and Data Exfiltration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30117 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and vehicle information through the settings interface. Remote attackers can modify power management settings, disable recording, delete stored footage, and turn off battery protection, leading to potential denial-of-service conditions and vehicle battery drainage. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:19.000000Z"}, {"uuid": "8552fb87-c947-4201-b37b-160ecdd63329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30116", "type": "seen", "source": "https://t.me/cvedetector/20582", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30116 - Forvia Hella HELLA Driving Recorder DR 820 Remote Video Footage Dumping and Live Stream Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-30116 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 9092 to stream the live video feed by bypassing the challenge-response authentication mechanism. This exposes sensitive location and personal data. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:18.000000Z"}, {"uuid": "4d540dd9-e510-468d-94af-61a21e2839bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30110", "type": "seen", "source": "https://t.me/cvedetector/20578", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30110 - IROAD X5 MAC Address Spoofing Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-30110 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's pairing mechanism relies solely on MAC address verification, allowing an attacker to bypass authentication by spoofing an already-paired MAC address that can be captured via an ARP scan. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:12.000000Z"}, {"uuid": "8e5284f1-7c44-47aa-8b9a-ce85dd206852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3011", "type": "seen", "source": "Telegram/DCVbRdT_qFrZ0rXrPZ-NREmPhb85qceJxgEhmh0x1cJAtg8", "content": "", "creation_timestamp": "2025-03-31T06:00:41.000000Z"}, {"uuid": "8dd79b46-0eeb-453c-995b-4beb274a6525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30112", "type": "seen", "source": "https://t.me/cvedetector/20986", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30112 - \"70mai Dash Cam 1S Authorization Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2025-30112 \nPublished : March 24, 2025, 5:15 p.m. | 2\u00a0hours, 5\u00a0minutes ago \nDescription : On 70mai Dash Cam 1S devices, by connecting directly to the dashcam's network and accessing the API on port 80 and RTSP on port 554, an attacker can bypass the device authorization mechanism from the official mobile app that requires a user to physically press on the power button during a connection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T20:54:47.000000Z"}]}