Thinkware Car Dashcam F800 Pro Cleartext Credential Storage Vulnerability

A vulnerability exists in the Thinkware Car Dashcam F800 Pro, affecting versions through 20250226. The issue arises from the Configuration File Handler component, which improperly processes the file /tmp/hostapd.conf. This mismanagement leads to the storage of user credentials in cleartext on the device. The vulnerability can be exploited physically on the device.

Impact

Exploitation of this vulnerability allows for the extraction of user credentials stored in plain text, which could be used to access the Thinkware Cloud service, potentially compromising sensitive video and audio data from the dashcam.

Reproduction

To reproduce this vulnerability, connect to the dashcam's Wi-Fi network using the default password. Once connected, access the RTSP feed and download video recordings via Telnet. The credentials will be available in cleartext in the /tmp/hostapd.conf file.