CVE-2025-30112

Name of the Vulnerable Software and Affected Versions 70mai Dash Cam 1S devices (affected versions not specified)

Description The issue allows an attacker to bypass the device authorization mechanism by connecting directly to the dashcam's network and accessing the API on port 80 and RTSP on port 554. This bypasses the requirement for a user to physically press the power button during a connection.

Recommendations For 70mai Dash Cam 1S devices, as a temporary workaround, consider restricting access to the API on port 80 and RTSP on port 554 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.