← Volver a CVEs
CVE-2025-30142
HIGH8.1
Descripcion
An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.
Detalles CVE
Puntuacion CVSS v3.18.1
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/18/2025
Ultima modificacion7/1/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
gnetsystem:g-onxgnetsystem:g-onx_firmware
Debilidades (CWE)
CWE-290
Referencias
https://github.com/geo-chen/GNET(cve@mitre.org)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.