Primary

Context

Marbella Dashcam KR8s Password Exposure Vulnerability

Vulnerability

A vulnerability exists in the Marbella KR8s Dashcam model FF 2.0.8, where the Wi-Fi password is automatically written in cleartext to a newly inserted SD card. This issue allows an attacker with temporary access to the dashcam to switch the SD card and steal the password. The dashcam is also accessible via default or common passwords, creating an 'insecure-by-default' setup.

Impact

Exposed passwords in plaintext

Reproduction

When a new SD card is inserted into the dashcam, the existing Wi-Fi password is automatically transferred to the SD card in cleartext. An attacker with temporary physical access to the dashcam can exploit this by replacing the SD card with a malicious one, which will capture the password as soon as it is written.

Added: Jul 28, 2025, 2:28 PM

Updated: Jul 28, 2025, 2:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.6

exploitability

4.6

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.6

exploitability

4.6

remediation

0.0

relevance

0.3

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Marbella Dashcam KR8s Password Exposure Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating