IROAD Dash Cam X5 and X6 Origin Validation Error Vulnerability in Domain Handler

Vulnerability

A vulnerability exists in the IROAD Dash Cam X5 and X6 models released prior to March 8, 2025. The issue lies within the Domain Handler component, where an origin validation error is introduced by improper handling of the Domain Name argument. This flaw allows for remote manipulation, although the complexity of exploitation is considered high.

Impact

Exploitation of this vulnerability could lead to an origin validation error, allowing for potential interception of sensitive device traffic. If the dashcam attempts to resolve the unregistered public domain over the internet, it could result in data exfiltration or a man-in-the-middle attack.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IROAD Dash Cam X5 and X6 Origin Validation Error Vulnerability in Domain Handler

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating