Eyjhb

**Name of the Vulnerable Software and Affected Versions** BlackVue DR750-2CH LTE version 1.012 2022.10.26 **Description** The issue concerns a weak default passphrase that can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. This allows for potential unauthorized access. **Recommendations** For BlackVue DR750-2CH LTE version 1.012 2022.10.26, consider changing the default passphrase to a strong and unique one to prevent brute force attacks. As a temporary workaround, restrict access to the device's network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BlackVue DR750-2CH LTE version 1.012 2022.10.26 **Description** The issue concerns the lack of authentication in the web server, allowing attackers to access sensitive information such as configurations and recordings. **Recommendations** For BlackVue DR750-2CH LTE version 1.012 2022.10.26, consider restricting access to the web server as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** BlackVue DR750-2CH LTE version 1.012 2022.10.26 **Description** The issue concerns the lack of authenticity check for uploaded firmware, allowing attackers to upload crafted firmware that contains backdoors and enables arbitrary code execution. **Recommendations** For BlackVue DR750-2CH LTE version 1.012 2022.10.26, as a temporary workaround, consider restricting access to firmware uploads until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.