admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-16 22:00:31 +00:00
parent 189a87b57b
commit f23daebeb8
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
5 changed files with 242 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2025/2xxx/CVE-2025-2348.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2348",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in IROAD Dash Cam FX2 bis 20250308 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei /mnt/extsd/event/ der Komponente HTTP/RTSP. Durch das Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure",
"cweId": "CWE-200"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IROAD",
"product": {
"product_data": [
{
"product_name": "Dash Cam FX2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20250308"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.299814",
"refsource": "MISC",
"name": "https://vuldb.com/?id.299814"
},
{
"url": "https://vuldb.com/?ctiid.299814",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.299814"
},
{
"url": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-8-dumping-files-over-http-and-rtsp-without-authentication",
"refsource": "MISC",
"name": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-8-dumping-files-over-http-and-rtsp-without-authentication"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

98
2025/2xxx/CVE-2025-2349.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2349",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component Password Hash Handler. The manipulation leads to password hash with insufficient computational effort. Access to the local network is required for this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In IROAD Dash Cam FX2 bis 20250308 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /etc/passwd der Komponente Password Hash Handler. Durch Beeinflussen mit unbekannten Daten kann eine password hash with insufficient computational effort-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password Hash With Insufficient Computational Effort",
"cweId": "CWE-916"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Inadequate Encryption Strength",
"cweId": "CWE-326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IROAD",
"product": {
"product_data": [
{
"product_name": "Dash Cam FX2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20250308"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.299815",
"refsource": "MISC",
"name": "https://vuldb.com/?id.299815"
},
{
"url": "https://vuldb.com/?ctiid.299815",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.299815"
},
{
"url": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-9-exposed-root-password",
"refsource": "MISC",
"name": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-9-exposed-root-password"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.1,
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.1,
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N"
}
]
}

18
2025/2xxx/CVE-2025-2392.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2392",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/2xxx/CVE-2025-2393.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-2393",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/30xxx/CVE-2025-30086.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30086",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}