CVE-2025-2344

Name of the Vulnerable Software and Affected Versions: IROAD Dash Cam X5 and Dash Cam X6 up to 20250308

Description: A critical issue has been found in the affected devices, related to some unknown functionality of the component API Endpoint, leading to missing authentication. The attack may be launched remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations: For IROAD Dash Cam X5 and Dash Cam X6 up to 20250308, as a temporary workaround, consider restricting access to the API Endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.