cvedb.io
CVE-2025-30139
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2025-03-18T20:15:26.597 · Last modified 2026-06-17T09:08:13.990

Summary

An issue was discovered on G-Net Dashcam BB GONX devices. Default credentials for SSID cannot be changed. It broadcasts a fixed SSID with default credentials that cannot be changed. This allows any nearby attacker to connect to the dashcam's network without restriction. Once connected, an attacker can sniff on connected devices such as the user's smartphone. The SSID is also always broadcasted.

Affected products

gnetsystem — g-onx_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when gnetsystem ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.