Improper Authorization in IROAD Dash Cam X5 and X6
CVE-2025-2345

9.3CRITICAL

Key Information:

Vendor

Iroad

Status
Dash Cam X5
Dash Cam X6
Vendor
CVE Published:
16 March 2025

What is CVE-2025-2345?

A vulnerability has been identified in IROAD Dash Cam X5 and Dash Cam X6 models released up to March 8, 2025, which allows remote attackers to gain unauthorized access. This could lead to manipulation of camera settings and potential exploitation of sensitive data. Despite early disclosure, the vendor has not responded, leaving users at risk of exploitation through remote attacks. It's crucial for users of the affected models to remain vigilant and explore available mitigating strategies.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dash Cam X5 20250308

Dash Cam X6 20250308

References

https://vuldb.com/?id.299811
vdb-entry
https://vuldb.com/?ctiid.299811
signaturepermissions-required
https://vuldb.com/?submit.516883
third-party-advisory

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

geochen (VulDB User)
JSON
.