70mai Dashcam 15 Finding 1: CVE-2025-9812 - Bypass Device Pairing of 70mai Dashcam 15 CVE ID: CVE-2025-9812 Product: 70mai Dashcam 15 Severity: High Description: An attacker can bypass the device pairing process, allowing unauthorized access to the dashcam. Finding 2: CVE-2025-9824 - Unauthenticated File Storage/Allowing Remote Dumping of Video Footage and Live Video Stream CVE ID: CVE-2025-9824 Product: 70mai Dashcam 15 Severity: Critical Description: Unauthenticated users can remotely dump video footage and live video streams from the dashcam. Finding 3: CVE-2025-9825 - Unauthorized Configuration Change CVE ID: CVE-2025-9825 Product: 70mai Dashcam 15 Severity: High Description: Unauthorized users can change the configuration settings of the dashcam. 70mai Dashcam M300 Finding 4: CVE-2025-9826 - Exposed Root Password via Unauthorized HTTP Access CVE ID: CVE-2025-9826 Product: 70mai Dashcam M300 Severity: Critical Description: The root password is exposed via unauthorized HTTP access, allowing attackers to gain full control of the device. Finding 5: CVE-2025-9827 - Remotely Dump All Sensitive Video & Audio Recordings CVE ID: CVE-2025-9827 Product: 70mai Dashcam M300 Severity: Critical Description: Attackers can remotely dump all sensitive video and audio recordings from the dashcam. Finding 6: CVE-2025-9828 - Unauthenticated Live Video Stream CVE ID: CVE-2025-9828 Product: 70mai Dashcam M300 Severity: High Description: Unauthenticated users can access the live video stream from the dashcam. Finding 7: CVE-2025-9829 - Remotely Upload Malicious Files and Execute Code CVE ID: CVE-2025-9829 Product: 70mai Dashcam M300 Severity: Critical Description: Attackers can remotely upload malicious files and execute code on the dashcam. Finding 8: CVE-2025-9830 - Remotely Crashing the Dashcam CVE ID: CVE-2025-9830 Product: 70mai Dashcam M300 Severity: Medium Description: Attackers can remotely crash the dashcam, causing it to stop functioning.