← voltar
CVE-2025-30127

CVE-2025-30127

CVSS 9.8 CRITICALEPSS 0.4%CWE-200CWE-284CWE-521
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.8EPSS 0.4%KEV nãoPoC Patch
Ciclo de vida
06 ago 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://geochen.medium.com/marbella-dashcam-ab40ca41adechttps://github.com/geo-chen/Marbella/https://github.com/geo-chen/Marbella/blob/main/README.md#finding-2---cve-2025-30127-video-recordings-open-to-being-downloaded-via-ports-7777-7778-7779https://makagps.com/