G-Net Dashcam BB GONX, Unauthorized Settings Modification & Data Leak, CVE-2025-30138 (Critical)


How the CVE Works

CVE-2025-30138 is a weak-authentication flaw in G-Net Dashcam BB GONX devices. Attackers connecting to the dashcam’s network can send unauthenticated API requests to manipulate settings, extract GPS logs and driver data, and disable critical functions. The device fails to validate session tokens, allowing unauthorized access. A crafted POST request to `/api/settings` can disable battery protection, while `/api/data/export` leaks sensitive trip records. Factory reset commands (`/api/reset`) further erase evidence. The dashcam’s lack of firmware signing permits malicious updates via MITM attacks.
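The missing check, shown as an added example (not G-Net firmware code and not from the advisory): a handler that never inspects the session token, beside one that validates it before serving the three endpoints named above. The token format, the `X-Session-Token` header name, the demo key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import time

# Assumption: a token is "<expiry_unix>.<hex HMAC-SHA256 of expiry>", issued at pairing.
SECRET = b"constructed-demo-key"  # constructed value; a device would hold a per-device secret
PROTECTED = {"/api/settings", "/api/data/export", "/api/reset"}  # endpoints from the advisory


def _mac(expiry):
    return hmac.new(SECRET, expiry.encode(), hashlib.sha256).hexdigest()


def issue_token(ttl, now=None):
    """Mint a token that expires ttl seconds after `now` (defaults to the current time)."""
    expiry = str(int((time.time() if now is None else now) + ttl))
    return f"{expiry}.{_mac(expiry)}"


def token_valid(token, now=None):
    """True only for a well-formed, unexpired token carrying a correct MAC."""
    if not token or token.count(".") != 1:
        return False
    expiry, mac = token.split(".")
    # Constant-time comparison; compare bytes so non-ASCII input cannot raise.
    if not hmac.compare_digest(mac.encode(), _mac(expiry).encode()):
        return False
    # The MAC matched, so expiry is a value this device issued and is numeric.
    return int(expiry) > (time.time() if now is None else now)


def handle_vulnerable(path, headers):
    """Behaviour the advisory describes: the session token is never checked."""
    return 200 if path in PROTECTED else 404


def handle_hardened(path, headers):
    """Serve protected endpoints only when a valid session token is presented."""
    if path not in PROTECTED:
        return 404
    if not token_valid(headers.get("X-Session-Token", "")):  # hypothetical header name
        return 401
    return 200
```
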

DailyCVE Form

Platform: G-Net Dashcam BB GONX
Version: All < v4.7.2
Vulnerability: Unauthenticated API access
Severity: Critical
Date: 2025-07-01

Prediction: Patch by 2025-09-15

What Undercode Say

Analytics:

nmap -p 80,443 --script http-vuln-cve2025-30138 <target>
curl -X POST http://<dashcam_ip>/api/settings -d '{"battery_protection":"disable"}'

Exploit:

  • Unauthenticated `/api/settings` modification.
  • Data exfiltration via `/api/data/export`.
  • MITM firmware downgrade.

Protection from this CVE:

  • Update to v4.7.2+.
  • Enable HTTPS.
  • Network segmentation.

Impact:

  • Car battery drain.
  • Privacy breach.
  • Evidence tampering.

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
