CVE-2025-30123CRITICAL 9.8EPSS p30.1%

CVE-2025-30123CVE-2025-30123

Description

An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded FTP credentials for the FTPX user account, enabling attackers to gain unauthorized access and extract sensitive recorded footage from the device.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.39% probability of exploitation · percentile 30.1% · 2026-06-18T12:00:27Z
Published2025-03-18
Last modified2026-04-15

Underlying weaknesses· 1

CWE-798

References

  1. https://github.com/geo-chen/RoadCam
  2. https://roadcam.my/pages/install-x3

1

TypeTargetConfidenceTier
WeaknessUse of Hard-coded Credentialscwe-7980%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30122
CVE
CVE-2025-30135
CVE
CVE-2025-30133
CVE
CVE-2025-30131
CVE
CVE-2025-30106
CVE
CVE-2025-2345
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.