CVE-2025-2119

Name of the Vulnerable Software and Affected Versions Thinkware Car Dashcam F800 Pro up to 20250226

Description A vulnerability was found in the Device Registration Handler component, which leads to the use of default credentials. The manipulation can be launched on the physical device, and the complexity of an attack is rather high. The exploitation appears to be difficult, and the exploit has been disclosed to the public. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations As a temporary workaround, consider restricting access to the Device Registration Handler component until a patch is available. Avoid using default credentials in the affected device until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.