CVE-2025-7075
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-06

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /upload.cgi of the component HTTP Endpoint. The manipulation leads to unrestricted upload. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-06
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-07-06
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7075
EUVD
EUVD-2025-20131
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
blackvuenorthamerica blackvue_dr590x_firmware to 2025-06-24 (inc)
blackvuenorthamerica blackvue_dr590x *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7075 is a critical vulnerability in the BlackVue Dashcam 590X, specifically in the /upload.cgi HTTP endpoint. It allows an attacker within the local network to upload arbitrary files, including malicious code, without any authentication. This unrestricted upload can lead to remote code execution and information disclosure, compromising the dashcam's functionality and data. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing an attacker on the same local network to upload malicious files to your BlackVue Dashcam 590X without authentication. This can result in remote code execution, information disclosure, and compromise of the device's confidentiality, integrity, and availability, potentially disrupting its operation and exposing sensitive data. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for unauthorized or suspicious HTTP POST requests to the /upload.cgi endpoint on BlackVue Dashcam 590X devices within your local network. Network monitoring tools or packet capture utilities like tcpdump or Wireshark can be used to observe such traffic. For example, you can use the command: tcpdump -i <interface> 'tcp port 80 and (((ip src <local_network_subnet>) and (tcp[32:4] = 0x2f75706c)) or (tcp[((tcp[12] & 0xf0) >> 2):4] = 0x2f75706c))' to filter HTTP requests to /upload.cgi. Additionally, scanning your network for devices running the vulnerable firmware and probing the /upload.cgi endpoint with curl or similar tools to test for unrestricted upload behavior can help detect the vulnerability. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include applying restrictive firewall rules to block access to the /upload.cgi HTTP endpoint on BlackVue Dashcam 590X devices from unauthorized sources within the local network. Limiting network access to trusted devices only and segmenting the network to isolate the dashcams can reduce exposure. Since the vendor has not provided a patch, preventing access to the vulnerable endpoint is critical. Monitoring network traffic for suspicious upload attempts and disabling or restricting the dashcam's internal web server if possible are also recommended. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart