CVE-2025-30127CRITICAL 9.8EPSS p31.6%

CVE-2025-30127CVE-2025-30127

Description

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.40% probability of exploitation · percentile 31.6% · 2026-06-18T12:00:27Z
Published2025-08-06
Last modified2026-04-15

Underlying weaknesses· 3

CWE-200CWE-284CWE-521

References

  1. https://geochen.medium.com/marbella-dashcam-ab40ca41adec
  2. https://github.com/geo-chen/Marbella/
  3. https://github.com/geo-chen/Marbella/blob/main/README.md#finding-2---cve-2025-30127-video-recordings-open-to-being-downloaded-via-ports-7777-7778-7779
  4. https://makagps.com/

3

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-2000%live
WeaknessImproper Access Controlcwe-2840%live
WeaknessWeak Password Requirementscwe-5210%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-30125
CVE
CVE-2025-30124
CVE
CVE-2025-30113
CVE
CVE-2025-30135
CVE
CVE-2025-64983
CVE
CVE-2025-30123
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.