CVE-2025-30131

{"id": "CVE-2025-30131", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-06-26T17:15:30.743", "references": [{"url": "https://github.com/geo-chen/IROAD?tab=readme-ov-file#finding-11---cve-2025-30131-unrestricted-webshell", "tags": ["Third Party Advisory", "Exploit"], "source": "cve@mitre.org"}, {"url": "https://www.iroadau.com.au/downloads/", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en los dispositivos IROAD Dashcam FX2. Un endpoint de carga de archivos no autenticado puede utilizarse para ejecutar comandos arbitrarios cargando un webshell basado en CGI. Una vez cargado el archivo, el atacante puede ejecutar comandos con privilegios de root, obteniendo as\u00ed control total sobre la dashcam. Adem\u00e1s, al cargar un binario netcat (nc), el atacante puede establecer un shell inverso, manteniendo acceso remoto persistente y privilegiado al dispositivo. Esto permite el control total del dispositivo."}], "lastModified": "2025-11-06T20:24:24.220", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:iroadau:fx2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1C21728-4D54-42DB-98C8-B0B7C7A38B2C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:iroadau:fx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E62E438-2D69-401D-B5A8-B54565CE049E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}