CVE-2025-2347

Name of the Vulnerable Software and Affected Versions: IROAD Dash Cam FX2 up to 20250308

Description: A vulnerability was found in the Device Registration component of the affected software. The issue allows for the use of a default password when the Password argument is manipulated with a specific input, such as qwertyuiop. This attack can be performed within a local network.

Recommendations: For IROAD Dash Cam FX2 up to 20250308, consider changing the default password to a strong and unique one to prevent exploitation. As a temporary workaround, restrict access to the Device Registration component to minimize the risk of exploitation. Avoid using default or weak passwords for the Password argument in the affected component until the issue is resolved.