HELLA Driving Recorder DR 820
by Forvia Hella
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30115 | Cri | 0.64 | 9.8 | 0.00 | Mar 18, 2025 | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password ("qwertyuiop"), which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the… | ||
| CVE-2025-30113 | Cri | 0.64 | 9.8 | 0.00 | Mar 18, 2025 | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and… | ||
| CVE-2025-30114 | Cri | 0.59 | 9.1 | 0.00 | Mar 18, 2025 | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can… | ||
| CVE-2025-30116 | Hig | 0.49 | 7.5 | 0.01 | Mar 18, 2025 | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can… | ||
| CVE-2025-30117 | Hig | 0.47 | 7.3 | 0.00 | Mar 18, 2025 | An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and… |
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses a fixed default SSID and password ("qwertyuiop"), which cannot be modified by users. The SSID is continuously broadcast, allowing unauthorized access to the…
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for Ports 9091 and 9092. The dashcam's Android application contains hardcoded credentials that allow unauthorized access to device settings through ports 9091 and…
- risk 0.59cvss 9.1epss 0.00
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can…
- risk 0.47cvss 7.3epss 0.00
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. After bypassing the device pairing, an attacker can obtain sensitive user and…