70mai Dash Cam 1S Authorization Bypass Vulnerability

Vulnerability

An authorization bypass vulnerability has been identified in the 70mai Dash Cam 1S. By connecting directly to the dashcam's Wi-Fi network and accessing the API on port 80 or the RTSP stream on port 554, an attacker can circumvent the authorization mechanism required by the official mobile app. This app-based authorization mandates that a user physically press the power button on the dashcam during the connection process.

Impact

Exploitation of this vulnerability allows for unauthorized access to the dashcam's features and functions, potentially leading to manipulation of the device or its recordings.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

70mai Dash Cam 1S Authorization Bypass Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating