admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-09 11:00:32 +00:00
parent 4920819d37
commit 911627e8b6
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
1 changed files with 105 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
2025/2xxx/CVE-2025-2120.json
View File

@ -1,17 +1,118 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2025-2120", "ID": "CVE-2025-2120",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cna@vuldb.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as problematic. This issue affects some unknown processing of the file /tmp/hostapd.conf of the component Configuration File Handler. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in Thinkware Car Dashcam F800 Pro bis 20250226 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /tmp/hostapd.conf der Komponente Configuration File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Storage in a File or on Disk",
"cweId": "CWE-313"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Cleartext Storage of Sensitive Information",
"cweId": "CWE-312"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Thinkware",
"product": {
"product_data": [
{
"product_name": "Car Dashcam F800 Pro",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20250226"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.299033",
"refsource": "MISC",
"name": "https://vuldb.com/?id.299033"
},
{
"url": "https://vuldb.com/?ctiid.299033",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.299033"
},
{
"url": "https://vuldb.com/?submit.507327",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.507327"
},
{
"url": "https://github.com/geo-chen/Thinkware-Dashcam",
"refsource": "MISC",
"name": "https://github.com/geo-chen/Thinkware-Dashcam"
}
]
},
"credits": [
{
"lang": "en",
"value": "geochen (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.1,
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.1,
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N"
} }
] ]
} }