CVE-2025-30111

Name of the Vulnerable Software and Affected Versions IROAD version v9

Description The issue allows unauthorized users to remotely access and dump video footage and live video streams from the device. This is possible due to exposed endpoints that do not require proper authentication, enabling unauthorized users to list and download recorded videos as well as access live video streams.

Recommendations For IROAD version v9, consider restricting access to the exposed endpoints until a proper fix is available. As a temporary workaround, restrict access to the device to minimize the risk of unauthorized video footage and live stream access.