ROADCAM X3 Hardcoded FTP Credentials Vulnerability

Vulnerability

A vulnerability exists in the ROADCAM X3 dashcam's mobile application, Viidure version 1.5, due to hardcoded FTP credentials for the FTPX user account. This flaw allows unauthorized access to the device's file system, enabling attackers to download sensitive recorded video footage. The issue arises from the inclusion of fixed FTP login details within the app, which can be exploited to access and extract private data without user consent.

Impact

Exploitation of this vulnerability allows for unauthorized access to the dashcam's file system via FTP, where all recorded video footage can be downloaded. This access could lead to the exposure of sensitive personal data captured by the device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ROADCAM X3 Hardcoded FTP Credentials Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating