Device Pairing Vulnerability in IROAD Dash Cam by IROAD
CVE-2025-2343

7.7HIGH

Key Information:

Vendor

Iroad

Status
Dash Cam X5
Dash Cam X6
Vendor
CVE Published:
16 March 2025

What is CVE-2025-2343?

A security flaw has been identified in the IROAD Dash Cam X5 and X6, affecting the device pairing functionality. This vulnerability involves the use of hard-coded credentials, allowing unauthorized access to local networks when exploited. While the attack complexity is high and requires specific conditions, the presence of this vulnerability could pose significant risks if not addressed. Despite notifications to the vendor regarding this issue, no response has been received to initiate a remedy.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dash Cam X5 20250308

Dash Cam X6 20250308

References

https://vuldb.com/?id.299809
vdb-entry
https://vuldb.com/?ctiid.299809
signaturepermissions-required
https://vuldb.com/?submit.516881
third-party-advisory

CVSS V4

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

geochen (VulDB User)
JSON
.