CVE-2025-11943
BaseFortify
Publication date: 2025-10-19
Last updated on: 2025-11-17
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version |
|---|---|---|
| 70mai | x200_firmware | up to and including 2025-10-10 |
| 70mai | x200 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1392 | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects the HTTP web server component of the 70mai X200 dashcam, where an unspecified function uses default credentials. This allows remote attackers to gain unauthorized access without authentication. Specifically, the HTTP server runs unauthenticated on port 80 and is accessible to anyone on the dashcam's network, which lets attackers access all hosted files and retrieve the root password, granting full administrative control over the device. [1, 2]
How can this vulnerability impact me?
The vulnerability allows remote attackers to gain unauthorized administrative access to the affected device without any authentication. This compromises the confidentiality, integrity, and availability of the device, potentially allowing attackers to control the device, access sensitive data, and disrupt its normal operation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by scanning for the presence of the 70mai X200 device's HTTP server running on port 80 and checking for default credentials or unauthenticated access. You can use network scanning tools like nmap to identify devices with open HTTP ports. For example, run: `nmap -p 80 --open <target-ip-range>` to find devices with port 80 open. Then, attempt to access the HTTP server via a browser or curl to check if authentication is required. For example, use `curl http://<device-ip>/` to see if the web server is accessible without credentials. Additionally, try default credentials or check for exposed files that may contain root passwords as described. These steps help confirm if the device is vulnerable. [2]
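The two checks above combined into an offline triage step, as an added example that is not part of the original page: it reads saved `nmap` grepable output (`-oG`) and saved response heads from `curl -sI` for devices you administer, and reports which hosts with port 80 open answered without an authentication challenge. The addresses, sample data and function names are constructed for illustration.

```python
import re

# Constructed sample of nmap grepable (-oG) output; addresses are placeholders.
NMAP_GREPABLE = (
    "# constructed nmap -oG sample\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///\n"
    "Host: 192.0.2.20 ()\tPorts: 80/open/tcp//http///, 443/closed/tcp//https///\n"
    "Host: 192.0.2.30 ()\tPorts: 80/filtered/tcp//http///\n"
)

# Constructed response heads, as they would be saved from `curl -sI http://<device-ip>/`.
RESPONSES = {
    "192.0.2.10": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n",
    "192.0.2.20": 'HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm="cam"\r\n\r\n',
}

def hosts_with_open_port(grepable, port=80):
    """Return hosts whose 'Ports:' field lists `port` in state 'open'."""
    hosts = []
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: (.*)", line)
        if not m:
            continue  # comment lines and 'Status:' lines carry no port data
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 2 and fields[0] == str(port) and fields[1] == "open":
                hosts.append(m.group(1))
    return hosts

def auth_posture(raw_head):
    """Classify a saved HTTP response head by whether authentication was demanded."""
    lines = raw_head.split("\r\n")
    parts = lines[0].split()
    if len(parts) < 2 or not parts[1].isdigit():
        return "unparseable"
    status = int(parts[1])
    names = {l.partition(":")[0].strip().lower() for l in lines[1:] if ":" in l}
    if status == 401 or "www-authenticate" in names:
        return "auth-required"
    if 200 <= status < 300:
        return "served-without-auth"  # content returned with no challenge: review
    return "other"

def triage(grepable, responses, port=80):
    """Map each host with the port open to its authentication posture."""
    return {h: auth_posture(responses[h]) if h in responses else "no-response-captured"
            for h in hosts_with_open_port(grepable, port)}

if __name__ == "__main__":
    for host, posture in triage(NMAP_GREPABLE, RESPONSES).items():
        print(host, posture)
```

A host reported as `served-without-auth` is a candidate for the network-level restrictions described in the mitigation answer; it does not by itself confirm the device model or firmware.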
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the affected device by implementing firewall rules to block unauthorized access to the HTTP server on port 80. Ensure that only trusted networks or devices can communicate with the dashcam. Since the vulnerability involves default credentials and unauthenticated access, changing default passwords if possible and disabling the HTTP server or limiting its exposure to the local network can help. If firmware updates or patches become available from the vendor, apply them promptly. Until then, network-level controls are the primary defense. [1]