CVE-2025-30127

CRITICAL

Marbella KR8s Dashcam FF <2.0.8 - Info Disclosure

Title source: llm

Description

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.

References (4)

[Various Sources] https://geochen.medium.com/marbella-dashcam-ab40ca41adec

[Various Sources] https://github.com/geo-chen/Marbella/

View Writeup ZIP pw:eip

[Various Sources] https://github.com/geo-chen/Marbella/blob/main/README.md#finding-2---cve-2025-30127-video-recordings-open-to-being-downloaded-via-ports-7777-7778-7779

[Various Sources] https://makagps.com/

Scores

CVSS v3 9.8

EPSS 0.0011

EPSS Percentile 28.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-200 CWE-284 CWE-521

Status published

Published Aug 06, 2025

Tracked Since Feb 18, 2026