How severe is CVE-2025-30106?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2025-30106?

This is classified as CWE-259, which is a common weakness in software security.

CVE-2025-30106

HIGH Year: 2025

CVSS v3 Score

8.8

High

Weakness Type

CWE-259

View all →

Vulnerability Description

On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device's network to perform sniffing.

CVE-2023-32145

HIGH

CVSS:8.8(High)

D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 ro...

CWE-2592023

CVE-2023-49963

HIGH

CVSS:8.8(High)

DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-coded password that could allow an attacker to take control.

CWE-2592023

CVE-2024-28066

HIGH

CVSS:8.8(High)

In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).

CWE-2592024

CVE-2024-34211

HIGH

CVSS:8.8(High)

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

CWE-2592024

CVE-2024-35395

HIGH

CVSS:8.8(High)

TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

CWE-2592024

CVE-2024-37644

HIGH

CVSS:8.8(High)

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

CWE-2592024

CVE-2025-30106

Vulnerability Description

Related Vulnerabilities

CVE-2023-32145

CVE-2023-49963

CVE-2024-28066

CVE-2024-34211

CVE-2024-35395

CVE-2024-37644