CVE-2025-2344
📋 TL;DR
This critical vulnerability in IROAD Dash Cam X5 and X6 allows remote attackers to access video footage and live streams without authentication due to missing API endpoint authentication. It affects dash cam owners using these models with firmware up to March 8, 2025. Attackers can remotely exploit this to view and potentially download sensitive video recordings.
💻 Affected Systems
- IROAD Dash Cam X5
- IROAD Dash Cam X6
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of dash cam video feeds, allowing attackers to monitor live footage, download recorded videos containing sensitive locations/personal information, and potentially use this for surveillance, stalking, or intelligence gathering.
Likely Case
Unauthorized access to video streams and recordings, potentially exposing personal movements, vehicle locations, and private conversations captured by the dash cams.
If Mitigated
No impact if proper network segmentation and authentication controls prevent external access to dash cam APIs.
🎯 Exploit Status
Public GitHub repository demonstrates remote video dumping and live stream access without authentication. Simple HTTP requests can exploit this vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Vendor has not responded to disclosure. Check IROAD website for firmware updates and apply if available.
🔧 Temporary Workarounds
Network Segmentation
All platforms: Isolate dash cam network from internet and untrusted networks
Firewall Rules
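Linux: Block external access to dash cam API endpoints. The INPUT chain only filters traffic addressed to the host running iptables; on a router or gateway in front of the dash cam, the equivalent rule belongs in the FORWARD chain.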
iptables -A INPUT -s 0.0.0.0/0 -p tcp --dport [DASH_CAM_PORT] -j DROP
🧯 If You Can't Patch
- Disconnect dash cam from internet/Wi-Fi and use only local storage
- Place dash cam on isolated VLAN with no internet access
🔍 How to Verify
Check if Vulnerable:
Attempt to access dash cam API endpoints without authentication using tools like curl: curl http://[DASH_CAM_IP]/api/video or similar endpoints
Check Version:
Check dash cam firmware version in device settings or mobile app. Vulnerable if version date is 20250308 or earlier.
Verify Fix Applied:
Verify that authentication is required for all API endpoints. The same curl command should now return an authentication error.
📡 Detection & Monitoring
Log Indicators:
- Unauthenticated API access attempts
- Video streaming requests from unauthorized IPs
- Unusual video download patterns
Network Indicators:
- HTTP requests to dash cam API endpoints from external IPs
- Video stream traffic to unexpected destinations
SIEM Query:
source_ip NOT IN [authorized_ips] AND dest_port IN [dash_cam_ports] AND http_method IN [GET,POST] AND uri CONTAINS '/api/'
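The SIEM query above, written out as a filter over HTTP log records, with a per-source count to surface repeated access. This is an added example, not code from the vendor or from this database; the authorized range, the dash cam port, the log layout and the sample lines are all constructed placeholders to adapt to your environment.

```python
import ipaddress
from collections import Counter

# Assumptions (not from the advisory): replace with your own values.
AUTHORIZED_NETS = [ipaddress.ip_network("192.168.10.0/24")]  # authorized_ips
DASH_CAM_PORTS = {80}                                        # dash_cam_ports
METHODS = {"GET", "POST"}

def parse(line):
    """Parse one constructed log line: '<src_ip> <dest_port> <method> <uri>'."""
    src, dport, method, uri = line.split()
    return {"source_ip": ipaddress.ip_address(src), "dest_port": int(dport),
            "http_method": method.upper(), "uri": uri}

def matches(event):
    """True when the event satisfies every clause of the SIEM query."""
    authorized = any(event["source_ip"] in net for net in AUTHORIZED_NETS)
    return (not authorized
            and event["dest_port"] in DASH_CAM_PORTS
            and event["http_method"] in METHODS
            and "/api/" in event["uri"])

def alerts(lines):
    """Return matching events; malformed lines are skipped, not fatal."""
    hits = []
    for line in lines:
        try:
            event = parse(line)
        except ValueError:  # wrong field count, bad IP or bad port
            continue
        if matches(event):
            hits.append(event)
    return hits

def alerts_by_source(lines):
    """Count matching requests per source IP to highlight repeated access."""
    return Counter(str(e["source_ip"]) for e in alerts(lines))

# Constructed sample log lines (documentation-range addresses).
SAMPLE_LOG = [
    "192.168.10.15 80 GET /api/video",   # authorized source: no alert
    "203.0.113.7 80 GET /api/video",     # unauthorized source: alert
    "203.0.113.7 80 get /api/video",     # method is case-normalized: alert
    "203.0.113.7 443 GET /api/video",    # port not in DASH_CAM_PORTS
    "198.51.100.20 80 POST /api/video",  # unauthorized source: alert
    "198.51.100.20 80 GET /index.html",  # URI outside /api/
    "not a log line",                    # malformed: skipped
]

if __name__ == "__main__":
    for src, count in alerts_by_source(SAMPLE_LOG).most_common():
        print(f"{src}: {count} unauthenticated-source API request(s)")
```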