70mai Dashcam M300 Telnet Service Default Credentials Vulnerability

Vulnerability

A critical vulnerability exists in the 70mai Dashcam M300 in versions prior to 20250611, related to the Telnet service. The issue arises from the use of default credentials, allowing unauthorized access. Exploitation can be initiated from within the local network, and a public exploit is available.

Impact

Exploitation of this vulnerability allows for unauthorized access via Telnet using default credentials. Once accessed, an attacker can upload arbitrary files, including malicious ones, or replace the firmware with a malicious version. This could lead to remote code execution on the device.

Reproduction

To reproduce this vulnerability, connect to the dashcam's network. Once connected, access the Telnet service on port 23 using default credentials. After gaining access, arbitrary files can be uploaded or the firmware can be replaced by editing the auto-run scripts.

Remediation

It is recommended to firewall the Telnet service to prevent unauthorized access.
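
Added example (not part of the original advisory or any vendor tooling): a check, run from a host on the dashcam's network, that confirms the firewall rule actually blocks the Telnet port. It only opens a TCP connection and reads the first bytes the service sends; the device address is supplied by the operator, and the function and status names are illustrative.

```python
import socket
import sys

TELNET_PORT = 23   # port named in the advisory
IAC = 0xFF         # Telnet "Interpret As Command" byte (RFC 854)


def check_telnet(host, port=TELNET_PORT, timeout=3.0):
    """Return 'open-telnet', 'open', 'closed' or 'filtered' for host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed"       # TCP RST: no listener, or a rejecting firewall rule
    except OSError:
        return "filtered"     # timeout, unreachable or unresolvable host
    with sock:
        try:
            first = sock.recv(64)   # read whatever the service sends first
        except OSError:
            first = b""             # silent service; the port is still reachable
    # Telnet daemons normally start with IAC option negotiation or a prompt.
    if first[:1] == bytes([IAC]) or b"login" in first.lower():
        return "open-telnet"
    return "open"


def firewall_effective(status):
    """True when the port cannot be reached from where this check runs."""
    return status in ("closed", "filtered")


if __name__ == "__main__":
    # Usage: python3 check_telnet.py <device-address> [...]
    failed = False
    for host in sys.argv[1:]:
        status = check_telnet(host)
        print(f"{host}:{TELNET_PORT} {status}")
        failed |= not firewall_effective(status)
    sys.exit(1 if failed else 0)
```

The script exits non-zero if any listed address still answers on port 23, so it can be rerun after each firmware or firewall change.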

Added: Jun 23, 2025, 11:19 PM
Updated: Jun 23, 2025, 11:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.2
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.