{"vulnerability": "cve-2025-2344", "sightings": [{"uuid": "b4b76721-3521-4a49-90c3-d3db5c78c5df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2344", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7719", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2344\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this issue is some unknown functionality of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-16T18:00:07.198Z\n\ud83d\udccf Modified: 2025-03-16T18:00:07.198Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299810\n2. https://vuldb.com/?ctiid.299810\n3. https://vuldb.com/?submit.516882\n4. https://github.com/geo-chen/IROAD#finding-4-remotely-dump-video-footage-and-live-video-stream", "creation_timestamp": "2025-03-16T18:46:50.000000Z"}, {"uuid": "534179be-0fe6-4439-b824-370b9b3f783d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23445", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840015738029847", "content": "", "creation_timestamp": "2025-01-16T20:53:07.643576Z"}, {"uuid": "6825341b-8309-4217-aafe-6e9460de85fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23449", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdnzvd5cw2f", "content": "", "creation_timestamp": "2025-01-22T15:18:00.116480Z"}, {"uuid": "7458932e-57fd-44d7-a888-983fb9cc4593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23447", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:24.000000Z"}, {"uuid": "24db7316-4579-4348-9fec-7cfc9e486533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23440", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:24.000000Z"}, {"uuid": "74ac0f4a-88fa-4461-9d63-5d91b20cff94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23442", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3weuv7i2t", "content": "", "creation_timestamp": "2025-01-16T20:16:38.553451Z"}, {"uuid": "893e644c-8599-4ff9-9215-bdb848c871cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23444", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wh6u3n2n", "content": "", "creation_timestamp": "2025-01-16T20:16:41.063076Z"}, {"uuid": "4114b78c-eb8e-4a70-aa5e-768f6311660c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23442", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113839956724229239", "content": "", "creation_timestamp": "2025-01-16T20:38:07.018111Z"}, {"uuid": "94ad0124-1d10-489c-851f-abf7b768c12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23444", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113839956738630575", "content": "", "creation_timestamp": "2025-01-16T20:38:07.316737Z"}, {"uuid": "384d2ed0-eecc-40c1-92f6-0aa70151893b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23445", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3wk74752p", "content": "", "creation_timestamp": "2025-01-16T20:16:44.340220Z"}, {"uuid": "40cc4da3-6488-4d88-a995-602c62f9bf90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2344", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkjlu332f32e", "content": "", "creation_timestamp": "2025-03-16T21:35:42.368109Z"}, {"uuid": "e014e3de-09fe-44a3-b5b4-c05d8f37a6aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23440", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:47.000000Z"}, {"uuid": "b7d0f746-2305-43a9-97dc-7b648734b51e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23447", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:47.000000Z"}, {"uuid": "c74398ea-f3df-4553-8163-45f0570927b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23440", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6279", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23440\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in radicaldesigns radSLIDE allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects radSLIDE: from n/a through 2.1.\n\ud83d\udccf Published: 2025-03-03T13:30:03.297Z\n\ud83d\udccf Modified: 2025-03-03T20:16:54.719Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/radslide/vulnerability/wordpress-radslide-plugin-2-1-broken-access-control-to-stored-cross-site-scripting-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T20:30:43.000000Z"}, {"uuid": "65a085b1-4cbd-4fd6-97f4-c3bd286764b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23446", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6277", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23446\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceContent allows Stored XSS. This issue affects WP SpaceContent: from n/a through 0.4.5.\n\ud83d\udccf Published: 2025-03-03T13:30:03.649Z\n\ud83d\udccf Modified: 2025-03-03T20:18:19.471Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-spacecontent/vulnerability/wordpress-wp-spacecontent-plugin-0-4-5-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T20:30:41.000000Z"}, {"uuid": "cd5672f9-3d54-45c8-9e80-85f5f876c5c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23441", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6278", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23441\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Attach Gallery Posts allows Reflected XSS. This issue affects Attach Gallery Posts: from n/a through 1.6.\n\ud83d\udccf Published: 2025-03-03T13:30:03.479Z\n\ud83d\udccf Modified: 2025-03-03T20:17:32.958Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/attach-gallery-posts/vulnerability/wordpress-attach-gallery-posts-plugin-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T20:30:42.000000Z"}, {"uuid": "83718eae-c96c-4877-86b9-3442f494061a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23447", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6276", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23447\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Smooth Dynamic Slider allows Reflected XSS. This issue affects Smooth Dynamic Slider: from n/a through 1.0.\n\ud83d\udccf Published: 2025-03-03T13:30:03.815Z\n\ud83d\udccf Modified: 2025-03-03T20:19:36.958Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/smooth-dynamic-slider/vulnerability/wordpress-smooth-dynamic-slider-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T20:30:40.000000Z"}, {"uuid": "0d698ce3-ad32-454a-b7a6-2f91158208a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2344", "type": "seen", "source": "https://t.me/cvedetector/20414", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2344 - IROAD Dash Cam X5 and Dash Cam X6 API Endpoint Missing Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2344 \nPublished : March 16, 2025, 6:15 p.m. | 50\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this issue is some unknown functionality of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T20:33:24.000000Z"}]}