CVE-2025-30137
📋 TL;DR
This vulnerability allows attackers to gain unauthorized access to G-Net GNET dashcam systems using hardcoded credentials found in the mobile application. Attackers can access dashcam settings and video streams without authentication once connected to the GNET SSID. All users of GNET APK 2.6.2 with affected dashcams are vulnerable.
💻 Affected Systems
- G-Net GNET dashcam systems
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of dashcam systems allowing unauthorized access to live video feeds, modification of security settings, potential vehicle tracking, and disabling of security features.
Likely Case
Unauthorized access to dashcam video streams and settings, potentially exposing private video footage and allowing configuration changes.
If Mitigated
Limited impact if dashcams are isolated from networks and mobile app is not used, but functionality would be severely restricted.
🎯 Exploit Status
Exploitation requires physical proximity to connect to GNET SSID, but credentials are publicly documented and trivial to use.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Contact vendor for updated application version without hardcoded credentials.
🔧 Temporary Workarounds
Disable GNET SSID broadcasting
Prevent attackers from connecting to the dashcam network by disabling SSID broadcast
Network segmentation
Isolate the dashcam network from other networks to limit attack surface
🧯 If You Can't Patch
- Discontinue use of GNET mobile application until patched version is available
- Physically disconnect dashcams from power when not in use to prevent network access
🔍 How to Verify
Check if Vulnerable:
Check mobile app version in settings. If using GNET APK 2.6.2, system is vulnerable.
Check Version:
On Android: Settings > Apps > GNET > App info. On iOS: Settings > General > iPhone Storage > GNET
Verify Fix Applied:
Verify that the updated app version no longer contains the hardcoded credentials by decompiling the APK and searching for the strings 'TibetList', '000000', 'admin', 'tibet', 'adim'.
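One way to automate the string check above without a decompiler, as an added example (not the vendor's or this page's own tooling): it reads the string table of every `.dex` file in the APK and reports exact matches for the five strings listed. The function names and the `fake_apk` sample input are constructed for illustration.

```python
import io
import struct
import zipfile

# Strings the page says to search for in the decompiled APK.
INDICATORS = frozenset({"TibetList", "000000", "admin", "tibet", "adim"})

def dex_strings(dex: bytes):
    """Yield each entry of a DEX string table (string_ids section)."""
    if dex[:4] != b"dex\n":
        return
    count, table_off = struct.unpack_from("<II", dex, 0x38)  # string_ids_size, string_ids_off
    for (off,) in struct.iter_unpack("<I", dex[table_off:table_off + 4 * count]):
        while dex[off] & 0x80:  # skip the ULEB128 length prefix
            off += 1
        end = dex.index(b"\x00", off + 1)  # string data is NUL-terminated MUTF-8
        yield dex[off + 1:end].decode("utf-8", "replace")

def scan_apk(apk, indicators=INDICATORS):
    """Return {indicator: [dex entries]} for exact string-constant matches.
    An empty result is not proof of a fix: values built at runtime, embedded in
    longer literals, or kept in native libraries are not string-table entries."""
    hits = {}
    with zipfile.ZipFile(apk) as zf:
        for name in sorted(n for n in zf.namelist() if n.endswith(".dex")):
            for s in sorted(set(dex_strings(zf.read(name))) & set(indicators)):
                hits.setdefault(s, []).append(name)
    return hits

def fake_apk(dex_files):
    """Constructed sample input: a ZIP of header-plus-string-table DEX stubs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, strings in dex_files.items():
            ids, data, base = b"", b"", 0x70 + 4 * len(strings)
            for s in strings:
                ids += struct.pack("<I", base + len(data))
                data += bytes([len(s)]) + s.encode() + b"\x00"  # strings < 128 chars
            header = bytearray(0x70)
            header[:8] = b"dex\n035\x00"
            struct.pack_into("<II", header, 0x38, len(strings), 0x70)
            zf.writestr(name, bytes(header) + ids + data)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = fake_apk({"classes.dex": ["TibetList", "administrator", "adim"]})
    print(scan_apk(sample))
```

Pass `scan_apk` the path to the real APK file. Exact matching keeps unrelated constants such as "administrator" out of the results, but hits on generic values like 'admin' or '000000' still need manual review.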
📡 Detection & Monitoring
Log Indicators:
- Unauthorized authentication attempts on ports 9091/9092
- Multiple failed login attempts followed by successful access
Network Indicators:
- Unexpected connections to ports 9091/9092
- Traffic containing hardcoded credential strings in plaintext
SIEM Query:
(destination_port:9091 OR destination_port:9092) AND (http.request_body:"TibetList" OR http.request_body:"000000" OR http.request_body:"admin" OR http.request_body:"tibet" OR http.request_body:"adim")