CVE-2025-2122

A vulnerability classified as problematic was found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected by this vulnerability is an unknown functionality of the component Connection Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References
Link Resource
https://github.com/geo-chen/Thinkware-Dashcam Exploit Third Party Advisory
https://vuldb.com/?ctiid.299035 Permissions Required VDB Entry
https://vuldb.com/?id.299035 Third Party Advisory VDB Entry
https://github.com/geo-chen/Thinkware-Dashcam Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:thinkwarestore:f800_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:thinkwarestore:f800_pro:-:*:*:*:*:*:*:*

History

28 May 2025, 18:32

Type Values Removed Values Added
References () https://github.com/geo-chen/Thinkware-Dashcam - () https://github.com/geo-chen/Thinkware-Dashcam - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.299035 - () https://vuldb.com/?ctiid.299035 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.299035 - () https://vuldb.com/?id.299035 - Third Party Advisory, VDB Entry
Summary
  • (es) En Thinkware Car Dashcam F800 Pro hasta 20250226 se ha detectado una vulnerabilidad clasificada como problemática. Esta vulnerabilidad afecta a una funcionalidad desconocida del componente Connection Handler. La manipulación provoca una denegación de servicio. El ataque solo puede iniciarse dentro de la red local. Es un ataque de complejidad bastante alta. Parece difícil de explotar. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación sobre esta revelación, pero no respondió de ninguna manera.
First Time Thinkwarestore
Thinkwarestore f800 Pro
Thinkwarestore f800 Pro Firmware
CPE cpe:2.3:h:thinkwarestore:f800_pro:-:*:*:*:*:*:*:*
cpe:2.3:o:thinkwarestore:f800_pro_firmware:*:*:*:*:*:*:*:*

10 Mar 2025, 16:15

Type Values Removed Values Added
References () https://github.com/geo-chen/Thinkware-Dashcam - () https://github.com/geo-chen/Thinkware-Dashcam -

09 Mar 2025, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-03-09 14:15

Updated : 2025-05-28 18:32


NVD link : CVE-2025-2122

Mitre link : CVE-2025-2122

CVE.ORG link : CVE-2025-2122


JSON object : View

Products Affected

thinkwarestore

  • f800_pro_firmware
  • f800_pro
CWE
CWE-404

Improper Resource Shutdown or Release