VYPR

BlackVue App

by BlackVue

CVEs (5)

  • CVE-2025-2356LowMar 17, 2025
    risk 0.24cvss 3.7epss 0.00

    A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API Handler. The manipulation leads to use of get request method with sensitive query strings. It is possible to initiate the…

  • CVE-2025-2355LowMar 17, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials.…

  • CVE-2023-27746Apr 13, 2023
    risk 0.01cvss epss 0.02

    BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted.

  • CVE-2023-27748Apr 13, 2023
    risk 0.00cvss epss 0.01

    BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution.

  • CVE-2023-27747Apr 13, 2023
    risk 0.00cvss epss 0.01

    BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This vulnerability allows attackers to access sensitive information such as configurations and recordings.