CVE-2025-30124CRITICAL 9.8EPSS p19.0%
CVE-2025-30124CVE-2025-30124
Description
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted into the dashcam, the existing password is written onto the SD card in cleartext automatically. An attacker with temporary access to the dashcam can switch the SD card to steal this password.
Scoring
| CVSS 3.1 | 9.8 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 0.27% probability of exploitation · percentile 19.0% · 2026-06-18T12:00:27Z |
| Published | 2025-07-28 |
| Last modified | 2026-04-15 |
Underlying weaknesses· 1
References
- https://geochen.medium.com/marbella-dashcam-ab40ca41adec
- https://github.com/geo-chen/Marbella/
- https://github.com/geo-chen/Marbella/blob/main/README.md#finding-4---cve-2025-30124-passwords-are-stored-in-plaintext-and-can-be-retrieved-with-physical-contact
- https://makagps.com/
- https://github.com/geo-chen/Marbella/blob/main/README.md#finding-4---cve-2025-30124-passwords-are-stored-in-plaintext-and-can-be-retrieved-with-physical-contact
1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Cleartext Storage of Sensitive Informationcwe-312 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.