CVE-2025-2766

| EUVD-2025-17353 HIGH
2025-06-06 [email protected]
RCE Authentication Bypass A510 Firmware
8.8
CVSS 3.0
Share

CVSS VectorNVD

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 18:10 euvd
EUVD-2025-17353
Analysis Generated
Mar 14, 2026 - 18:10 vuln.today
CVE Published
Jun 06, 2025 - 19:15 nvd
HIGH 8.8

DescriptionNVD

70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of 70mai A510. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the default configuration of user accounts. The configuration contains default password. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the root. Was ZDI-CAN-24996.

AnalysisAI

Critical authentication bypass vulnerability in the 70mai A510 dashcam that exploits default credentials in the device's user account configuration. Network-adjacent attackers can bypass authentication without any credentials and achieve remote code execution with root privileges. This vulnerability presents an immediate and severe risk due to its low attack complexity, lack of user interaction requirement, and the widespread deployment of 70mai dashcams in vehicles.

Technical ContextAI

The 70mai A510 is a networked dashcam device that implements local authentication mechanisms for administrative access and configuration management. The vulnerability stems from CWE-1393 (Default Configuration), where the device ships with hardcoded or unchanged default credentials in its user account database. This is a common architectural flaw in IoT devices where manufacturers fail to enforce credential generation or randomization during initial provisioning. The affected authentication system likely protects both web-based administration interfaces and potentially API endpoints used for configuration, firmware updates, and log access. Network-adjacent attack surface indicates the device is accessible via local network (WiFi or direct connection) rather than requiring internet access, significantly lowering the practical barrier to exploitation.

RemediationAI

Immediate mitigation steps: (1) Change default credentials immediately on all deployed 70mai A510 units if the device supports user-defined passwords; (2) Restrict network access to the dashcam via firewall rules, limiting connectivity to trusted administrative networks only; (3) Disable remote administration features if not required; (4) Isolate dashcam devices to a separate network segment from critical systems. Patch remediation: Monitor 70mai's official security advisories and firmware release channels for a patched firmware version that removes default credentials or enforces mandatory credential change on first boot. Contact 70mai support at their official channels to request patch availability timeline and update procedures. Until a patch is available, implement network segmentation and access controls as primary compensating controls.

Share

CVE-2025-2766 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy