CVE-2025-11943

70mai · 70mai Multiple Products

Executive summary

A high-severity vulnerability has been discovered in multiple 70mai dash cam products, allowing a nearby attacker to remotely execute code on the device. Successful exploitation could lead to an attacker gaining full control of the dash cam, enabling them to access, modify, or delete video recordings, listen to in-cabin audio, or use the device to attack other systems on the same network.

Vulnerability

The vulnerability is an unauthenticated command injection flaw in the device's Wi-Fi management interface. An attacker within Wi-Fi range of the device can send a specially crafted HTTP request to an internal API endpoint without authenticating. Shell commands included in that request are executed on the device's underlying operating system with root privileges, giving the attacker complete control over the device.

Business impact

This vulnerability is rated as High severity with a CVSS score of 7.3. Exploitation could have a significant business impact, particularly if these devices are used in corporate vehicles or are connected to corporate guest networks. Potential consequences include the breach of sensitive data from video and audio recordings, reputational damage if footage is leaked, and the compromised device being used as a pivot point to launch further attacks against the internal network.

Remediation

Immediate Action: Apply vendor security updates immediately. The firmware update can typically be installed through the official 70mai mobile application. After patching, verify the new firmware version is correctly installed.

Proactive Monitoring: Monitor network traffic for any unusual outbound connections originating from the dash cam's IP address. Review device logs, if accessible, for suspicious or unexpected command executions or system reboots. Monitor for unauthorized devices attempting to connect to the dash cam's Wi-Fi hotspot.

Compensating Controls: If immediate patching is not possible, implement the following controls:

  • Disable the Wi-Fi feature on the dash cam if it is not required for operation.
  • Ensure the device's Wi-Fi hotspot is configured with a strong, unique password.
  • Isolate the dash cams on a segmented network (VLAN) that does not have access to sensitive corporate resources.
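The outbound-connection monitoring and VLAN isolation described above can be checked against exported flow records. The following is an added example, not part of the advisory or any vendor tooling; the dash cam subnet, the allowed destination range, the CSV layout and the sample records are all constructed assumptions.

```python
import csv
import io
import ipaddress

# Assumptions for this sketch (constructed, not taken from the advisory):
DASHCAM_NET = ipaddress.ip_network("10.50.0.0/24")        # segmented dash cam VLAN
ALLOWED_DESTS = [ipaddress.ip_network("203.0.113.0/28")]  # expected update/cloud range
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records: time, source, destination, destination port, bytes out
SAMPLE_FLOWS = """\
2025-01-10T08:00:01Z,10.50.0.21,203.0.113.5,443,5120
2025-01-10T08:03:12Z,10.50.0.21,10.50.0.1,53,80
2025-01-10T08:04:40Z,10.50.0.22,198.51.100.77,4444,96000
2025-01-10T08:05:02Z,10.50.0.22,10.10.4.15,445,2048
2025-01-10T08:06:30Z,10.10.4.9,198.51.100.77,443,900
2025-01-10T08:07:00Z,10.50.0.23,not-an-ip,80,10
"""

def classify(src, dst):
    """Return a finding label for one flow, or None if the flow is expected."""
    if src not in DASHCAM_NET:
        return None                    # not a dash cam, out of scope
    if dst in DASHCAM_NET:
        return None                    # stays inside the VLAN (gateway, DNS)
    if any(dst in net for net in ALLOWED_DESTS):
        return None                    # expected vendor/cloud traffic
    if any(dst in net for net in INTERNAL_NETS):
        return "internal-reach"        # segmentation gap: dash cam reached internal hosts
    return "unexpected-outbound"       # unusual outbound connection

def review_flows(text):
    """Return (findings, skipped); malformed records are counted, not fatal."""
    findings, skipped = [], 0
    for row in csv.reader(io.StringIO(text)):
        try:
            ts, src, dst, dport, _nbytes = row
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:             # wrong field count, bad address or bad port
            skipped += 1
            continue
        label = classify(src_ip, dst_ip)
        if label:
            findings.append((ts, src, dst, port, label))
    return findings, skipped

if __name__ == "__main__":
    print(review_flows(SAMPLE_FLOWS))
```

An "internal-reach" finding means the segmentation control is not actually blocking the dash cam VLAN, which is worth fixing regardless of patch status.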

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high severity score (CVSS 7.3) and the potential for complete device compromise, it is strongly recommended that organizations prioritize the immediate patching of all affected 70mai devices. Although this vulnerability is not currently listed in the CISA KEV catalog, its impact is significant. All system administrators should identify affected assets and apply the vendor-supplied firmware updates without delay to mitigate the risk of data compromise and unauthorized network access.