← Zuruck zu CVEs
CVE-2025-30142
HIGH8.1
Beschreibung
An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.
CVE Details
CVSS v3.1 Bewertung8.1
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht3/18/2025
Zuletzt geandert7/1/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
gnetsystem:g-onxgnetsystem:g-onx_firmware
Schwachen (CWE)
CWE-290
Referenzen
https://github.com/geo-chen/GNET(cve@mitre.org)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.