CVE-2025-30132

Name of the Vulnerable Software and Affected Versions IROAD Dashcam V devices (affected versions not specified)

Description An issue was discovered where the device uses an unregistered public domain name as an internal domain, creating a security risk. This domain is not owned by IROAD, allowing an attacker to register it and potentially intercept sensitive device traffic. If the dashcam or related services attempt to resolve this domain over the public Internet instead of locally, it could lead to data exfiltration or man-in-the-middle attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.