CRITICAL🇵🇱 Wersja polska

CVE-2025-30127

CVSS 9.8v3.1pub. 2025-08-06upd. 2026-04-15

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.

🤖 AI Analysis
How it works

An attacker who gains access to the device by using default, commonly known, or compromised passwords (CWE-521) can establish a connection through TCP port 7777 (command port). Subsequently, it is possible to download video recordings through port 7778 and audio recordings through port 7779. The lack of proper access controls (CWE-284) and sensitive data exposure (CWE-200) make this mechanism accessible without additional authentication after the initial login.

Impact

An attacker can download complete video and audio recordings from the camera, including route data, recorded conversations, and images of the vehicle's surroundings. This can lead to serious privacy violations for the device user.

Mitigation & patch

Patches available from the manufacturer should be applied according to references. Until an update is released, it is recommended to change default passwords to strong and unique ones, isolate the device on the network (e.g., dedicated network segment or firewall blocking access to ports 7777, 7778, and 7779 from unauthorized sources), and monitor network traffic directed to these ports.

Who is affected

Marbella KR8s Dashcam FF devices running firmware version 2.0.8

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References