{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-1881","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-03-03T12:25:21.036Z","datePublished":"2025-03-03T20:31:04.041Z","dateUpdated":"2025-03-04T15:12:01.820Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-03-03T20:31:04.041Z"},"title":"i-Drive i11/i12 Video Footage/Live Video Stream access control","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-284","lang":"en","description":"Improper Access Controls"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-266","lang":"en","description":"Incorrect Privilege Assignment"}]}],"affected":[{"vendor":"i-Drive","product":"i11","versions":[{"version":"20250227","status":"affected"}],"modules":["Video Footage/Live Video Stream"]},{"vendor":"i-Drive","product":"i12","versions":[{"version":"20250227","status":"affected"}],"modules":["Video Footage/Live Video Stream"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotely. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life."},{"lang":"de","value":"In i-Drive i11 and i12 bis 20250227 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion der Komponente Video Footage/Live Video Stream. Durch das Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":4.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":4.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N"}}],"timeline":[{"time":"2025-03-03T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-03-03T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-03-03T13:30:44.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"geochen (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.298195","name":"VDB-298195 | i-Drive i11/i12 Video Footage/Live Video Stream access control","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.298195","name":"VDB-298195 | CTI Indicators (IOB, IOC, TTP)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.510952","name":"Submit #510952 | i-DRIVE Dashcam i11, i12 Improper Access Controls","tags":["third-party-advisory"]},{"url":"https://github.com/geo-chen/i-Drive","tags":["related"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-04T15:11:23.801442Z","id":"CVE-2025-1881","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-04T15:12:01.820Z"}}]}}