Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IROAD Dashcam FX2 安全漏洞
Vulnerability Description
IROAD Dashcam FX2是韩国IROAD公司的一款行车记录仪。 IROAD Dashcam FX2存在安全漏洞,该漏洞源于未经验证的文件上传端点,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A