CVE-2025-30106 Information

Description

On IROAD v9 devices the dashcam has hardcoded default credentials (\qwertyuiop) that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device’s network to perform sniffing.

Reference

https://github.com/geo-chen/IROAD-V https://iroad-dashcam.nl/iroad/iroad-x5/