Device Pairing Bypass in IROAD Dashcam FX2 by IROAD

CVE-2025-30133

What is CVE-2025-30133?

An issue has been identified in IROAD Dashcam FX2 devices where the device pairing and registration protocol can be bypassed. By connecting to the dashcam's Wi-Fi network using the default password 'qwertyuiop', an attacker can directly access the unprotected HTTP server at http://192.168.10.1 without needing to complete the requisite pairing process through the IROAD X View app. This flaw allows for unauthorized access to the device's functions and settings, and critically, the device does not alert the user of any unauthorized connections, leading to a silent intrusion.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References