Fx2 Firmware

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-30131 CRITICAL POC Act Now

An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover.

File Upload Fx2 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-2350 MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass File Upload Fx2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-2349 LOW Monitor

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2025-2348 MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-2347 MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-30131
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover.

File Upload Fx2 Firmware
NVD GitHub
CVE-2025-2350
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass File Upload Fx2 Firmware
NVD GitHub VulDB
CVE-2025-2349
EPSS 0% CVSS 2.3
LOW Monitor

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB
CVE-2025-2348
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB
CVE-2025-2347
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fx2 Firmware
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy