CVE-2025-2349

Name of the Vulnerable Software and Affected Versions: IROAD Dash Cam FX2 up to 20250308

Description: A vulnerability was found in the Password Hash Handler component, affecting an unknown functionality of the file /etc/passwd. The manipulation leads to password hash with insufficient computational effort. Access to the local network is required for this attack. The complexity of an attack is rather high, and the exploitation appears to be difficult.

Recommendations: For IROAD Dash Cam FX2 up to 20250308, consider restricting access to the local network to minimize the risk of exploitation, and avoid using the password variable in the affected /etc/passwd file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.