← Back

CVE-2025-30142

nvd nist
Published: Mar 18, 2025Modified: Jul 1, 2025

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur. It uses MAC address verification as the sole mechanism for recognizing paired devices, allowing attackers to bypass authentication. By capturing the MAC address of an already-paired device through ARP scanning or other means, an attacker can spoof the MAC address and connect to the dashcam without going through the pairing process. This enables full access to the device.

Affected (1)

Gnetsystem
1 product
G Onx Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
G Onx Firmware
All versions
Running on/withPlatform Versions
Gnetsystem
G Onx
All versions

Related CWEs

CWE-290
Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

References (2)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Product

Timeline

No history available yet.