Vulnerability Description
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://geochen.medium.com/marbella-dashcam-ab40ca41adec
- https://github.com/geo-chen/Marbella/
- https://github.com/geo-chen/Marbella/blob/main/README.md#finding-2---cve-2025-30
- https://makagps.com/
FAQ
What is CVE-2025-30127?
CVE-2025-30127 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversatio...
How severe is CVE-2025-30127?
CVE-2025-30127 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-30127?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.