CVE-2025-30141

Name of the Vulnerable Software and Affected Versions G-Net Dashcam BB GONX devices (affected versions not specified)

Description The issue allows remote access to recorded and live video feeds on the G-Net Dashcam BB GONX devices. It exposes API endpoints on ports 9091 and 9092, enabling an attacker connected to the dashcam's network to retrieve all stored recordings and convert them from JDR format to MP4. Additionally, the RTSP stream on port 9092 can be accessed remotely, allowing real-time video feeds to be extracted without the owner's knowledge.

Recommendations As a temporary workaround, consider restricting access to the API endpoints on ports 9091 and 9092 to minimize the risk of exploitation. Restrict access to the RTSP stream on port 9092 to prevent real-time video feeds from being extracted without the owner's knowledge. Avoid using the affected G-Net Dashcam BB GONX devices on unsecured networks until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.