CVE-2025-2349

CVE-2025-2349

Título es
CVE-2025-2349

Dom, 16/03/2025 – 22:15

Tipo
CWE-326

Gravedad v2.0
1.80

Gravedad 2.0 Txt
LOW

Título en

CVE-2025-2349

Descripción en
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational effort. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

16/03/2025

16/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Vector CVSS:2.0
AV:A/AC:H/Au:N/C:P/I:N/A:N

Gravedad 4.0
2.30

Gravedad 4.0 txt
LOW

Gravedad 3.1 (CVSS 3.1 Base Score)
3.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW

Referencias

Enviar en el boletín
Off