8.1

CVE-2025-30142

EPSS 0.06%
Veröffentlicht 18.03.2025 00:00:00
Zuletzt bearbeitet 01.07.2025 21:04:36
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnetsystem ≫ G-onx Firmware Version-

Gnetsystem ≫ G-onx Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.182

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.1	2.8	5.2	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://www.gnetsystem.com/eng/product/list?viewMode=view&idx=246&ca_id=0201

Product

https://github.com/geo-chen/GNET

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-30142

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-30142

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-30142

EUVD