Browse all 11 CVE security advisories affecting 70mai. AI-powered Chinese analysis, POCs, and references for each vulnerability.
70mai develops dashcams and vehicle monitoring systems focused on driver assistance and security recording. Historically, their products have faced multiple vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insecure web interfaces and default credentials. The company has addressed 11 CVEs to date, with flaws frequently allowing unauthorized access to device feeds or system control. While no major public security incidents have been documented, the pattern of vulnerabilities suggests potential risks in connected vehicle ecosystems. Security researchers have noted that some implementations lack proper input validation and authentication mechanisms, which could be exploited in real-world scenarios.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6530 | 70mai M300 Telnet Service demo.sh denial of service — M300CWE-404 | 4.8 | Medium | 2025-06-23 |
| CVE-2025-6529 | 70mai M300 Telnet Service default credentials — M300CWE-1392 | 8.8 | High | 2025-06-23 |
| CVE-2025-6528 | 70mai M300 RTSP Live Video Stream Endpoint 12 improper authentication — M300CWE-287 | 4.3 | Medium | 2025-06-23 |
| CVE-2025-6527 | 70mai M300 Web Server access control — M300CWE-284 | 3.1 | Low | 2025-06-23 |
| CVE-2025-6526 | 70mai M300 HTTP Server insufficiently protected credentials — M300CWE-522 | 3.1 | Low | 2025-06-23 |
This page lists every published CVE security advisory associated with 70mai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.