{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T17:20:28.715","vulnerabilities":[{"cve":{"id":"CVE-2025-30111","sourceIdentifier":"cve@mitre.org","published":"2025-03-18T15:16:02.323","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication."},{"lang":"es","value":"En los dispositivos IROAD v9, se puede volcar remotamente el metraje de video y la transmisión de video en vivo. La cámara del tablero expone endpoints que permiten a usuarios no autorizados, que accedieron por otros medios, acceder a la lista y descargar videos grabados, así como a transmisiones de video en vivo sin la debida autenticación."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/geo-chen/IROAD-V","source":"cve@mitre.org"},{"url":"https://iroad-dashcam.nl/iroad/iroad-x5/","source":"cve@mitre.org"}]}}]}