CVE-2025-2121

9 Mar 2025

Título es
CVE-2025-2121

Dom, 09/03/2025 – 11:15

Tipo
CWE-266

Gravedad v2.0
5.80

Gravedad 2.0 Txt
MEDIUM

Título en

CVE-2025-2121

Descripción en
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an unknown function of the component File Storage. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

09/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vector CVSS:2.0
AV:A/AC:L/Au:N/C:P/I:P/A:P

Gravedad 4.0
5.30

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 (CVSS 3.1 Base Score)
6.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://github.com/geo-chen/Thinkware-Dashcam

https://vuldb.com/?ctiid_299034=

https://vuldb.com/?id_299034=

https://vuldb.com/?submit_507328=

Enviar en el boletín
Off