Search criteria
28 vulnerabilities found for flir_ax8_firmware by flir
CVE-2018-25139 (GCVE-0-2018-25139)
Vulnerability from nvd – Published: 2025-12-24 19:27 – Updated: 2025-12-24 20:26
VLAI?
Title
FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP Stream Disclosure
Summary
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.
Severity ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FLIR Systems, Inc. | FLIR AX8 Thermal Camera |
Affected:
1.32.16
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25139",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T20:12:45.552406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T20:26:15.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45606"
},
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5492.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FLIR AX8 Thermal Camera",
"vendor": "FLIR Systems, Inc.",
"versions": [
{
"status": "affected",
"version": "1.32.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2018-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T19:27:47.117Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45606",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45606"
},
{
"name": "FLIR Systems Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.flir.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2018-5492)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5492.php"
}
],
"title": "FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP Stream Disclosure",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25139",
"datePublished": "2025-12-24T19:27:47.117Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"dateUpdated": "2025-12-24T20:26:15.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25138 (GCVE-0-2018-25138)
Vulnerability from nvd – Published: 2025-12-24 19:27 – Updated: 2026-01-05 14:09
VLAI?
Title
FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass
Summary
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FLIR Systems | FLIR AX8 Thermal Camera |
Affected:
1.32.16
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25138",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T20:12:55.292974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T20:26:22.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FLIR AX8 Thermal Camera",
"vendor": "FLIR Systems",
"versions": [
{
"status": "affected",
"version": "1.32.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2018-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T14:09:52.377Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45629",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45629"
},
{
"name": "FLIR Systems Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.flir.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2018-5494)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php"
}
],
"title": "FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25138",
"datePublished": "2025-12-24T19:27:46.730Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"dateUpdated": "2026-01-05T14:09:52.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6266 (GCVE-0-2025-6266)
Vulnerability from nvd – Published: 2025-06-19 12:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 upload.php unrestricted upload
Summary
A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 1.49.16 addresses this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.0
Affected: 1.1 Affected: 1.2 Affected: 1.3 Affected: 1.4 Affected: 1.5 Affected: 1.6 Affected: 1.7 Affected: 1.8 Affected: 1.9 Affected: 1.10 Affected: 1.11 Affected: 1.12 Affected: 1.13 Affected: 1.14 Affected: 1.15 Affected: 1.16 Affected: 1.17 Affected: 1.18 Affected: 1.19 Affected: 1.20 Affected: 1.21 Affected: 1.22 Affected: 1.23 Affected: 1.24 Affected: 1.25 Affected: 1.26 Affected: 1.27 Affected: 1.28 Affected: 1.29 Affected: 1.30 Affected: 1.31 Affected: 1.32 Affected: 1.33 Affected: 1.34 Affected: 1.35 Affected: 1.36 Affected: 1.37 Affected: 1.38 Affected: 1.39 Affected: 1.40 Affected: 1.41 Affected: 1.42 Affected: 1.43 Affected: 1.44 Affected: 1.45 Affected: 1.46 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6266",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-20T15:39:41.842977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T15:42:09.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.3"
},
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.7"
},
{
"status": "affected",
"version": "1.8"
},
{
"status": "affected",
"version": "1.9"
},
{
"status": "affected",
"version": "1.10"
},
{
"status": "affected",
"version": "1.11"
},
{
"status": "affected",
"version": "1.12"
},
{
"status": "affected",
"version": "1.13"
},
{
"status": "affected",
"version": "1.14"
},
{
"status": "affected",
"version": "1.15"
},
{
"status": "affected",
"version": "1.16"
},
{
"status": "affected",
"version": "1.17"
},
{
"status": "affected",
"version": "1.18"
},
{
"status": "affected",
"version": "1.19"
},
{
"status": "affected",
"version": "1.20"
},
{
"status": "affected",
"version": "1.21"
},
{
"status": "affected",
"version": "1.22"
},
{
"status": "affected",
"version": "1.23"
},
{
"status": "affected",
"version": "1.24"
},
{
"status": "affected",
"version": "1.25"
},
{
"status": "affected",
"version": "1.26"
},
{
"status": "affected",
"version": "1.27"
},
{
"status": "affected",
"version": "1.28"
},
{
"status": "affected",
"version": "1.29"
},
{
"status": "affected",
"version": "1.30"
},
{
"status": "affected",
"version": "1.31"
},
{
"status": "affected",
"version": "1.32"
},
{
"status": "affected",
"version": "1.33"
},
{
"status": "affected",
"version": "1.34"
},
{
"status": "affected",
"version": "1.35"
},
{
"status": "affected",
"version": "1.36"
},
{
"status": "affected",
"version": "1.37"
},
{
"status": "affected",
"version": "1.38"
},
{
"status": "affected",
"version": "1.39"
},
{
"status": "affected",
"version": "1.40"
},
{
"status": "affected",
"version": "1.41"
},
{
"status": "affected",
"version": "1.42"
},
{
"status": "affected",
"version": "1.43"
},
{
"status": "affected",
"version": "1.44"
},
{
"status": "affected",
"version": "1.45"
},
{
"status": "affected",
"version": "1.46"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 1.49.16 addresses this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46 wurde eine Schwachstelle gefunden. Es ist betroffen eine unbekannte Funktion der Datei /upload.php. Mittels Manipulieren des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Upgrade auf Version 1.49.16 ist in der Lage, dieses Problem zu adressieren. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:37.106Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313270 | Teledyne FLIR AX8 upload.php unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.313270"
},
{
"name": "VDB-313270 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313270"
},
{
"name": "Submit #586692 | FLIR AX8 \u003c= 1.46 Unauthorized File Upload Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.586692"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/FLIR-AX8/Unauthority_file_upload_vulnerabililty.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:17.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 upload.php unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6266",
"datePublished": "2025-06-19T12:00:17.929Z",
"dateReserved": "2025-06-19T06:02:39.903Z",
"dateUpdated": "2025-10-15T13:18:37.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5695 (GCVE-0-2025-5695)
Vulnerability from nvd – Published: 2025-06-05 21:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection
Summary
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5695",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T15:34:16.259153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:35:15.006Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Backend"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 ist eine Schwachstelle entdeckt worden. Betroffen hiervon ist die Funktion subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm der Datei /usr/www/application/models/subscriptions.php der Komponente Backend. Mittels dem Manipulieren mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden. Durch ein Upgrade auf Version 1.49.16 kann dieses Problem behoben werden. Es wird empfohlen, die betroffene Komponente zu aktualisieren."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:42.245Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311211 | Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311211"
},
{
"name": "VDB-311211 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311211"
},
{
"name": "Submit #585715 | FLIR AX8 \u003c= 1.46 Remote Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.585715"
},
{
"name": "Submit #584532 | FLIR AX8 \u003c= 1.46 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584532"
},
{
"name": "Submit #585716 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.585716"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/YZS17/CVE/blob/main/Command%20injection%20vulnerability%20in%20subscribe_to_spot()%20in%20FLIR%20AX8.md"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Command%20injection%20vulnerability%20in%20subscribe_to_delta()%20in%20FLIR%20AX8.md"
},
{
"tags": [
"patch"
],
"url": "https://flir.custhelp.com/app/account/fl_download_software"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5695",
"datePublished": "2025-06-05T21:00:21.192Z",
"dateReserved": "2025-06-04T20:22:18.880Z",
"dateUpdated": "2025-10-15T13:18:42.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5127 (GCVE-0-2025-5127)
Vulnerability from nvd – Published: 2025-05-24 15:31 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 prod.php cross site scripting
Summary
A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.49.16 is capable of addressing this issue. It is recommended to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5127",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:23:24.595849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:40:21.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/XSS%20vulnerability%20in%20FLIR%20AX8.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.49.16 is capable of addressing this issue. It is recommended to upgrade the affected component. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Teledyne FLIR AX8 up to 1.46.16 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /prod.php. Durch das Manipulieren des Arguments cmd mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Mit einem Upgrade auf Version 1.49.16 l\u00e4sst sich dieses Problem beheben. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:44.998Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310205 | Teledyne FLIR AX8 prod.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.310205"
},
{
"name": "VDB-310205 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310205"
},
{
"name": "Submit #572265 | FLIR AX8 \u003c= 1.46 XSS",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572265"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/XSS%20vulnerability%20in%20FLIR%20AX8.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:25.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 prod.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5127",
"datePublished": "2025-05-24T15:31:04.412Z",
"dateReserved": "2025-05-23T18:09:27.021Z",
"dateUpdated": "2025-10-15T13:18:44.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5126 (GCVE-0-2025-5126)
Vulnerability from nvd – Published: 2025-05-24 15:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 settingsregional.php setDataTime command injection
Summary
A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 1.49.16 is able to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5126",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:23:29.951841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:40:27.474Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24minute.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \\usr\\www\\application\\models\\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 1.49.16 is able to resolve this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Teledyne FLIR AX8 up to 1.46.16 gefunden. Es geht um die Funktion setDataTime der Datei \\usr\\www\\application\\models\\settingsregional.php. Mittels Manipulieren des Arguments year/month/day/hour/minute mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Ein Upgrade auf Version 1.49.16 ist in der Lage, dieses Problem zu adressieren. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:48.138Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310204 | Teledyne FLIR AX8 settingsregional.php setDataTime command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.310204"
},
{
"name": "VDB-310204 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310204"
},
{
"name": "Submit #570725 | FLIR AX8 \u003c= 1.46 Remote Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.570725"
},
{
"name": "Submit #572266 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572266"
},
{
"name": "Submit #572275 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572275"
},
{
"name": "Submit #572277 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572277"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24minute.md"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24hour.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:27.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 settingsregional.php setDataTime command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5126",
"datePublished": "2025-05-24T15:00:10.190Z",
"dateReserved": "2025-05-23T18:09:10.108Z",
"dateUpdated": "2025-10-15T13:18:48.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3013 (GCVE-0-2024-3013)
Vulnerability from nvd – Published: 2024-03-28 00:31 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 User Registration test_login.php improper authorization
Summary
A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
H0e4a0r1t (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-258299 | FLIR AX8 User Registration improper authorization",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.258299"
},
{
"name": "VDB-258299 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.258299"
},
{
"name": "Submit #301588 | FLIR FLIR-AX8 Fixed Thermal Cameras 1.46.16 and below Register any user in the background",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.301588"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.0:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.1:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.10:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.11:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.12:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.13:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.14:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.15:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.16:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.2:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.3:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.4:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.5:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.6:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.7:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.8:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flir_ax8_firmware",
"vendor": "flir",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3013",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T18:31:24.496579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:33:55.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"User Registration"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "H0e4a0r1t (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 ist eine Schwachstelle entdeckt worden. Betroffen davon ist eine unbekannte Funktion der Datei /tools/test_login.php?action=register der Komponente User Registration. Die Bearbeitung verursacht improper authorization. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Mit einem Upgrade auf Version 1.49.16 l\u00e4sst sich dieses Problem beheben. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:50.593Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-258299 | Teledyne FLIR AX8 User Registration test_login.php improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.258299"
},
{
"name": "VDB-258299 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.258299"
},
{
"name": "Submit #301588 | FLIR FLIR-AX8 Fixed Thermal Cameras 1.46.16 and below Register any user in the background",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.301588"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2024-03-27T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 User Registration test_login.php improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3013",
"datePublished": "2024-03-28T00:31:04.101Z",
"dateReserved": "2024-03-27T14:18:45.366Z",
"dateUpdated": "2025-10-15T13:18:50.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51127 (GCVE-0-2023-51127)
Vulnerability from nvd – Published: 2024-01-10 00:00 – Updated: 2025-10-17 19:13
VLAI?
Summary
FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:08.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/risuxx/CVE-2023-51127"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:28:13.521949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:28:40.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:13:13.590Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/risuxx/CVE-2023-51127"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51127",
"datePublished": "2024-01-10T00:00:00.000Z",
"dateReserved": "2023-12-18T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:13:13.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51126 (GCVE-0-2023-51126)
Vulnerability from nvd – Published: 2024-01-10 00:00 – Updated: 2025-10-17 19:14
VLAI?
Summary
Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/risuxx/CVE-2023-51126"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T15:36:32.713574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T15:56:09.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:14:35.888Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/risuxx/CVE-2023-51126"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51126",
"datePublished": "2024-01-10T00:00:00.000Z",
"dateReserved": "2023-12-18T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:14:35.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4364 (GCVE-0-2022-4364)
Vulnerability from nvd – Published: 2022-12-08 00:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 Web Service palette.php command injection
Summary
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 can resolve this issue. Upgrading the affected component is advised. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
ireading (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:34:50.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.215118"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T15:53:40.576104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T15:55:15.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Service Handler"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ireading (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 can resolve this issue. Upgrading the affected component is advised. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 wurde eine Schwachstelle gefunden. Es betrifft eine unbekannte Funktion der Datei palette.php der Komponente Web Service Handler. Durch Manipulieren des Arguments palette mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Ein Aktualisieren auf die Version 1.49.16 vermag dieses Problem zu l\u00f6sen. Ein Upgrade der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:53.461Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-215118 | Teledyne FLIR AX8 Web Service palette.php command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.215118"
},
{
"name": "VDB-215118 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.215118"
},
{
"name": "Submit #55748 | FLIR-AX8 palette.php command execution vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.55748"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2022-12-08T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2022-12-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 Web Service palette.php command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4364",
"datePublished": "2022-12-08T00:00:00.000Z",
"dateReserved": "2022-12-08T00:00:00.000Z",
"dateUpdated": "2025-10-15T13:18:53.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37063 (GCVE-0-2022-37063)
Vulnerability from nvd – Published: 2022-08-18 17:09 – Updated: 2025-10-17 19:16
VLAI?
Summary
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:16:03.999Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.flir.com/products/ax8-automation/",
"refsource": "MISC",
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"name": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"name": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37063",
"datePublished": "2022-08-18T17:09:51.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:16:03.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37062 (GCVE-0-2022-37062)
Vulnerability from nvd – Published: 2022-08-18 17:05 – Updated: 2025-10-17 19:17
VLAI?
Summary
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:17:22.903Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.flir.com/products/ax8-automation/",
"refsource": "MISC",
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"name": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"name": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37062",
"datePublished": "2022-08-18T17:05:48.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:17:22.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37061 (GCVE-0-2022-37061)
Vulnerability from nvd – Published: 2022-08-18 00:00 – Updated: 2025-10-17 19:18
VLAI?
Summary
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168114/FLIX-AX8-1.46.16-Remote-Command-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/169701/FLIR-AX8-1.46.16-Remote-Command-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5491.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:18:34.915Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168114/FLIX-AX8-1.46.16-Remote-Command-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"url": "http://packetstormsecurity.com/files/169701/FLIR-AX8-1.46.16-Remote-Command-Injection.html"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5491.php"
},
{
"url": "https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2022-36266/FLIR%20AX8%20Unauthenticated%20OS%20Command%20Injection.py"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37061",
"datePublished": "2022-08-18T00:00:00.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:18:34.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37060 (GCVE-0-2022-37060)
Vulnerability from nvd – Published: 2022-08-18 00:00 – Updated: 2025-10-17 19:19
VLAI?
Summary
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5493.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server\u0027s restricted path. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:19:35.089Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5493.php"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37060",
"datePublished": "2022-08-18T00:00:00.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:19:35.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25139 (GCVE-0-2018-25139)
Vulnerability from cvelistv5 – Published: 2025-12-24 19:27 – Updated: 2025-12-24 20:26
VLAI?
Title
FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP Stream Disclosure
Summary
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.
Severity ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FLIR Systems, Inc. | FLIR AX8 Thermal Camera |
Affected:
1.32.16
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25139",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T20:12:45.552406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T20:26:15.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45606"
},
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5492.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FLIR AX8 Thermal Camera",
"vendor": "FLIR Systems, Inc.",
"versions": [
{
"status": "affected",
"version": "1.32.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2018-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T19:27:47.117Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45606",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45606"
},
{
"name": "FLIR Systems Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.flir.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2018-5492)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5492.php"
}
],
"title": "FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP Stream Disclosure",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25139",
"datePublished": "2025-12-24T19:27:47.117Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"dateUpdated": "2025-12-24T20:26:15.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25138 (GCVE-0-2018-25138)
Vulnerability from cvelistv5 – Published: 2025-12-24 19:27 – Updated: 2026-01-05 14:09
VLAI?
Title
FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass
Summary
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FLIR Systems | FLIR AX8 Thermal Camera |
Affected:
1.32.16
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25138",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-24T20:12:55.292974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T20:26:22.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FLIR AX8 Thermal Camera",
"vendor": "FLIR Systems",
"versions": [
{
"status": "affected",
"version": "1.32.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2018-10-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T14:09:52.377Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-45629",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/45629"
},
{
"name": "FLIR Systems Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.flir.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2018-5494)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php"
}
],
"title": "FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25138",
"datePublished": "2025-12-24T19:27:46.730Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"dateUpdated": "2026-01-05T14:09:52.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6266 (GCVE-0-2025-6266)
Vulnerability from cvelistv5 – Published: 2025-06-19 12:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 upload.php unrestricted upload
Summary
A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 1.49.16 addresses this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.0
Affected: 1.1 Affected: 1.2 Affected: 1.3 Affected: 1.4 Affected: 1.5 Affected: 1.6 Affected: 1.7 Affected: 1.8 Affected: 1.9 Affected: 1.10 Affected: 1.11 Affected: 1.12 Affected: 1.13 Affected: 1.14 Affected: 1.15 Affected: 1.16 Affected: 1.17 Affected: 1.18 Affected: 1.19 Affected: 1.20 Affected: 1.21 Affected: 1.22 Affected: 1.23 Affected: 1.24 Affected: 1.25 Affected: 1.26 Affected: 1.27 Affected: 1.28 Affected: 1.29 Affected: 1.30 Affected: 1.31 Affected: 1.32 Affected: 1.33 Affected: 1.34 Affected: 1.35 Affected: 1.36 Affected: 1.37 Affected: 1.38 Affected: 1.39 Affected: 1.40 Affected: 1.41 Affected: 1.42 Affected: 1.43 Affected: 1.44 Affected: 1.45 Affected: 1.46 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6266",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-20T15:39:41.842977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T15:42:09.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.3"
},
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.7"
},
{
"status": "affected",
"version": "1.8"
},
{
"status": "affected",
"version": "1.9"
},
{
"status": "affected",
"version": "1.10"
},
{
"status": "affected",
"version": "1.11"
},
{
"status": "affected",
"version": "1.12"
},
{
"status": "affected",
"version": "1.13"
},
{
"status": "affected",
"version": "1.14"
},
{
"status": "affected",
"version": "1.15"
},
{
"status": "affected",
"version": "1.16"
},
{
"status": "affected",
"version": "1.17"
},
{
"status": "affected",
"version": "1.18"
},
{
"status": "affected",
"version": "1.19"
},
{
"status": "affected",
"version": "1.20"
},
{
"status": "affected",
"version": "1.21"
},
{
"status": "affected",
"version": "1.22"
},
{
"status": "affected",
"version": "1.23"
},
{
"status": "affected",
"version": "1.24"
},
{
"status": "affected",
"version": "1.25"
},
{
"status": "affected",
"version": "1.26"
},
{
"status": "affected",
"version": "1.27"
},
{
"status": "affected",
"version": "1.28"
},
{
"status": "affected",
"version": "1.29"
},
{
"status": "affected",
"version": "1.30"
},
{
"status": "affected",
"version": "1.31"
},
{
"status": "affected",
"version": "1.32"
},
{
"status": "affected",
"version": "1.33"
},
{
"status": "affected",
"version": "1.34"
},
{
"status": "affected",
"version": "1.35"
},
{
"status": "affected",
"version": "1.36"
},
{
"status": "affected",
"version": "1.37"
},
{
"status": "affected",
"version": "1.38"
},
{
"status": "affected",
"version": "1.39"
},
{
"status": "affected",
"version": "1.40"
},
{
"status": "affected",
"version": "1.41"
},
{
"status": "affected",
"version": "1.42"
},
{
"status": "affected",
"version": "1.43"
},
{
"status": "affected",
"version": "1.44"
},
{
"status": "affected",
"version": "1.45"
},
{
"status": "affected",
"version": "1.46"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 1.49.16 addresses this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46 wurde eine Schwachstelle gefunden. Es ist betroffen eine unbekannte Funktion der Datei /upload.php. Mittels Manipulieren des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Upgrade auf Version 1.49.16 ist in der Lage, dieses Problem zu adressieren. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:37.106Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313270 | Teledyne FLIR AX8 upload.php unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.313270"
},
{
"name": "VDB-313270 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313270"
},
{
"name": "Submit #586692 | FLIR AX8 \u003c= 1.46 Unauthorized File Upload Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.586692"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/FLIR-AX8/Unauthority_file_upload_vulnerabililty.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-19T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-19T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:17.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 upload.php unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6266",
"datePublished": "2025-06-19T12:00:17.929Z",
"dateReserved": "2025-06-19T06:02:39.903Z",
"dateUpdated": "2025-10-15T13:18:37.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5695 (GCVE-0-2025-5695)
Vulnerability from cvelistv5 – Published: 2025-06-05 21:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection
Summary
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5695",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T15:34:16.259153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:35:15.006Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Backend"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 ist eine Schwachstelle entdeckt worden. Betroffen hiervon ist die Funktion subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm der Datei /usr/www/application/models/subscriptions.php der Komponente Backend. Mittels dem Manipulieren mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden. Durch ein Upgrade auf Version 1.49.16 kann dieses Problem behoben werden. Es wird empfohlen, die betroffene Komponente zu aktualisieren."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:42.245Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311211 | Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311211"
},
{
"name": "VDB-311211 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311211"
},
{
"name": "Submit #585715 | FLIR AX8 \u003c= 1.46 Remote Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.585715"
},
{
"name": "Submit #584532 | FLIR AX8 \u003c= 1.46 Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584532"
},
{
"name": "Submit #585716 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.585716"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/YZS17/CVE/blob/main/Command%20injection%20vulnerability%20in%20subscribe_to_spot()%20in%20FLIR%20AX8.md"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Command%20injection%20vulnerability%20in%20subscribe_to_delta()%20in%20FLIR%20AX8.md"
},
{
"tags": [
"patch"
],
"url": "https://flir.custhelp.com/app/account/fl_download_software"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5695",
"datePublished": "2025-06-05T21:00:21.192Z",
"dateReserved": "2025-06-04T20:22:18.880Z",
"dateUpdated": "2025-10-15T13:18:42.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5127 (GCVE-0-2025-5127)
Vulnerability from cvelistv5 – Published: 2025-05-24 15:31 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 prod.php cross site scripting
Summary
A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.49.16 is capable of addressing this issue. It is recommended to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5127",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:23:24.595849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:40:21.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/XSS%20vulnerability%20in%20FLIR%20AX8.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.49.16 is capable of addressing this issue. It is recommended to upgrade the affected component. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Teledyne FLIR AX8 up to 1.46.16 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /prod.php. Durch das Manipulieren des Arguments cmd mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Mit einem Upgrade auf Version 1.49.16 l\u00e4sst sich dieses Problem beheben. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:44.998Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310205 | Teledyne FLIR AX8 prod.php cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.310205"
},
{
"name": "VDB-310205 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310205"
},
{
"name": "Submit #572265 | FLIR AX8 \u003c= 1.46 XSS",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572265"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/XSS%20vulnerability%20in%20FLIR%20AX8.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:25.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 prod.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5127",
"datePublished": "2025-05-24T15:31:04.412Z",
"dateReserved": "2025-05-23T18:09:27.021Z",
"dateUpdated": "2025-10-15T13:18:44.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5126 (GCVE-0-2025-5126)
Vulnerability from cvelistv5 – Published: 2025-05-24 15:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 settingsregional.php setDataTime command injection
Summary
A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 1.49.16 is able to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
XU17 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5126",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T14:23:29.951841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:40:27.474Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24minute.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "XU17 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \\usr\\www\\application\\models\\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 1.49.16 is able to resolve this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Teledyne FLIR AX8 up to 1.46.16 gefunden. Es geht um die Funktion setDataTime der Datei \\usr\\www\\application\\models\\settingsregional.php. Mittels Manipulieren des Arguments year/month/day/hour/minute mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Ein Upgrade auf Version 1.49.16 ist in der Lage, dieses Problem zu adressieren. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:48.138Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310204 | Teledyne FLIR AX8 settingsregional.php setDataTime command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.310204"
},
{
"name": "VDB-310204 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310204"
},
{
"name": "Submit #570725 | FLIR AX8 \u003c= 1.46 Remote Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.570725"
},
{
"name": "Submit #572266 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572266"
},
{
"name": "Submit #572275 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572275"
},
{
"name": "Submit #572277 | FLIR AX8 \u003c= 1.46 Remote Command Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.572277"
},
{
"tags": [
"broken-link"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24minute.md"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://github.com/YZS17/CVE/blob/main/Remote%20Command%20Injection%20in%20parameter%20%24hour.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-05-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:27.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 settingsregional.php setDataTime command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5126",
"datePublished": "2025-05-24T15:00:10.190Z",
"dateReserved": "2025-05-23T18:09:10.108Z",
"dateUpdated": "2025-10-15T13:18:48.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3013 (GCVE-0-2024-3013)
Vulnerability from cvelistv5 – Published: 2024-03-28 00:31 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 User Registration test_login.php improper authorization
Summary
A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
H0e4a0r1t (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:32:42.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VDB-258299 | FLIR AX8 User Registration improper authorization",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.258299"
},
{
"name": "VDB-258299 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.258299"
},
{
"name": "Submit #301588 | FLIR FLIR-AX8 Fixed Thermal Cameras 1.46.16 and below Register any user in the background",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://vuldb.com/?submit.301588"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.0:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.1:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.10:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.11:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.12:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.13:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.14:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.15:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.16:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.2:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.3:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.4:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.5:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.6:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.7:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.8:*:*:*:*:*:*:*",
"cpe:2.3:o:flir:flir_ax8_firmware:1.46.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flir_ax8_firmware",
"vendor": "flir",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3013",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T18:31:24.496579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:33:55.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"User Registration"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "H0e4a0r1t (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 ist eine Schwachstelle entdeckt worden. Betroffen davon ist eine unbekannte Funktion der Datei /tools/test_login.php?action=register der Komponente User Registration. Die Bearbeitung verursacht improper authorization. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Mit einem Upgrade auf Version 1.49.16 l\u00e4sst sich dieses Problem beheben. Die Aktualisierung der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:50.593Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-258299 | Teledyne FLIR AX8 User Registration test_login.php improper authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.258299"
},
{
"name": "VDB-258299 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.258299"
},
{
"name": "Submit #301588 | FLIR FLIR-AX8 Fixed Thermal Cameras 1.46.16 and below Register any user in the background",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.301588"
},
{
"tags": [
"broken-link",
"exploit"
],
"url": "https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-03-27T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2024-03-27T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 User Registration test_login.php improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-3013",
"datePublished": "2024-03-28T00:31:04.101Z",
"dateReserved": "2024-03-27T14:18:45.366Z",
"dateUpdated": "2025-10-15T13:18:50.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51127 (GCVE-0-2023-51127)
Vulnerability from cvelistv5 – Published: 2024-01-10 00:00 – Updated: 2025-10-17 19:13
VLAI?
Summary
FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:08.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/risuxx/CVE-2023-51127"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T17:28:13.521949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:28:40.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:13:13.590Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/risuxx/CVE-2023-51127"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51127",
"datePublished": "2024-01-10T00:00:00.000Z",
"dateReserved": "2023-12-18T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:13:13.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51126 (GCVE-0-2023-51126)
Vulnerability from cvelistv5 – Published: 2024-01-10 00:00 – Updated: 2025-10-17 19:14
VLAI?
Summary
Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/risuxx/CVE-2023-51126"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T15:36:32.713574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T15:56:09.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:14:35.888Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/risuxx/CVE-2023-51126"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51126",
"datePublished": "2024-01-10T00:00:00.000Z",
"dateReserved": "2023-12-18T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:14:35.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4364 (GCVE-0-2022-4364)
Vulnerability from cvelistv5 – Published: 2022-12-08 00:00 – Updated: 2025-10-15 13:18
VLAI?
Title
Teledyne FLIR AX8 Web Service palette.php command injection
Summary
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 can resolve this issue. Upgrading the affected component is advised. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Teledyne FLIR | AX8 |
Affected:
1.46.0
Affected: 1.46.1 Affected: 1.46.2 Affected: 1.46.3 Affected: 1.46.4 Affected: 1.46.5 Affected: 1.46.6 Affected: 1.46.7 Affected: 1.46.8 Affected: 1.46.9 Affected: 1.46.10 Affected: 1.46.11 Affected: 1.46.12 Affected: 1.46.13 Affected: 1.46.14 Affected: 1.46.15 Affected: 1.46.16 Unaffected: 1.49.16 |
Credits
ireading (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:34:50.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.215118"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4364",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T15:53:40.576104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T15:55:15.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Service Handler"
],
"product": "AX8",
"vendor": "Teledyne FLIR",
"versions": [
{
"status": "affected",
"version": "1.46.0"
},
{
"status": "affected",
"version": "1.46.1"
},
{
"status": "affected",
"version": "1.46.2"
},
{
"status": "affected",
"version": "1.46.3"
},
{
"status": "affected",
"version": "1.46.4"
},
{
"status": "affected",
"version": "1.46.5"
},
{
"status": "affected",
"version": "1.46.6"
},
{
"status": "affected",
"version": "1.46.7"
},
{
"status": "affected",
"version": "1.46.8"
},
{
"status": "affected",
"version": "1.46.9"
},
{
"status": "affected",
"version": "1.46.10"
},
{
"status": "affected",
"version": "1.46.11"
},
{
"status": "affected",
"version": "1.46.12"
},
{
"status": "affected",
"version": "1.46.13"
},
{
"status": "affected",
"version": "1.46.14"
},
{
"status": "affected",
"version": "1.46.15"
},
{
"status": "affected",
"version": "1.46.16"
},
{
"status": "unaffected",
"version": "1.49.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ireading (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 can resolve this issue. Upgrading the affected component is advised. The vendor points out: \"FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities.\""
},
{
"lang": "de",
"value": "In Teledyne FLIR AX8 up to 1.46.16 wurde eine Schwachstelle gefunden. Es betrifft eine unbekannte Funktion der Datei palette.php der Komponente Web Service Handler. Durch Manipulieren des Arguments palette mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann remote ausgef\u00fchrt werden. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Ein Aktualisieren auf die Version 1.49.16 vermag dieses Problem zu l\u00f6sen. Ein Upgrade der betroffenen Komponente wird empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:18:53.461Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-215118 | Teledyne FLIR AX8 Web Service palette.php command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.215118"
},
{
"name": "VDB-215118 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.215118"
},
{
"name": "Submit #55748 | FLIR-AX8 palette.php command execution vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.55748"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/siriuswhiter/VulnHub/blob/main/Flir/02-FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/FLIR-AX8%20palette.php%20%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E1.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2022-12-08T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2022-12-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-10-15T15:23:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "Teledyne FLIR AX8 Web Service palette.php command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2022-4364",
"datePublished": "2022-12-08T00:00:00.000Z",
"dateReserved": "2022-12-08T00:00:00.000Z",
"dateUpdated": "2025-10-15T13:18:53.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37063 (GCVE-0-2022-37063)
Vulnerability from cvelistv5 – Published: 2022-08-18 17:09 – Updated: 2025-10-17 19:16
VLAI?
Summary
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:16:03.999Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.flir.com/products/ax8-automation/",
"refsource": "MISC",
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"name": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"name": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37063",
"datePublished": "2022-08-18T17:09:51.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:16:03.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37062 (GCVE-0-2022-37062)
Vulnerability from cvelistv5 – Published: 2022-08-18 17:05 – Updated: 2025-10-17 19:17
VLAI?
Summary
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:17:22.903Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-37062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and download it. A successful exploit could allow the attacker to extract usernames and hashed passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.flir.com/products/ax8-automation/",
"refsource": "MISC",
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"name": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899",
"refsource": "MISC",
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"name": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37062",
"datePublished": "2022-08-18T17:05:48.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:17:22.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37060 (GCVE-0-2022-37060)
Vulnerability from cvelistv5 – Published: 2022-08-18 00:00 – Updated: 2025-10-17 19:19
VLAI?
Summary
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server's restricted path. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5493.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files located outside of the server\u0027s restricted path. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:19:35.089Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5493.php"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37060",
"datePublished": "2022-08-18T00:00:00.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:19:35.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37061 (GCVE-0-2022-37061)
Vulnerability from cvelistv5 – Published: 2022-08-18 00:00 – Updated: 2025-10-17 19:18
VLAI?
Summary
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168114/FLIX-AX8-1.46.16-Remote-Command-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/169701/FLIR-AX8-1.46.16-Remote-Command-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5491.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T19:18:34.915Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.flir.com/products/ax8-automation/"
},
{
"url": "https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899"
},
{
"url": "http://packetstormsecurity.com/files/168114/FLIX-AX8-1.46.16-Remote-Command-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/168116/FLIR-AX8-1.46.16-Traversal-Access-Control-Command-Injection-XSS.html"
},
{
"url": "http://packetstormsecurity.com/files/169701/FLIR-AX8-1.46.16-Remote-Command-Injection.html"
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5491.php"
},
{
"url": "https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2022-36266/FLIR%20AX8%20Unauthenticated%20OS%20Command%20Injection.py"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-37061",
"datePublished": "2022-08-18T00:00:00.000Z",
"dateReserved": "2022-08-01T00:00:00.000Z",
"dateUpdated": "2025-10-17T19:18:34.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}