CVE-2025-30140

Name of the Vulnerable Software and Affected Versions G-Net Dashcam BB GONX devices (affected versions not specified)

Description The issue concerns the use of an unregistered public domain name as an internal domain, posing a security risk. This allows an attacker to potentially register the domain and intercept sensitive device traffic, leading to data exfiltration or man-in-the-middle attacks if the dashcam or related services attempt to resolve this domain over the public Internet instead of locally.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.