Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

FLIR Systems AX8 Cameras Command Injection (CVE-2023-51126)

Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 Jan 2023 the FLIR AX8 should no longer be affected by the...

9.8CVSS8.6AI score0.31097EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.6 views

FLIR Systems AX8 Cameras Missing Authentication for Critical Function (CVE-2022-37062)

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains the path of the SQLite users database and...

7.5CVSS7AI score0.02624EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.4 views

FLIR Systems AX8 Cameras Cross-site Scripting (CVE-2022-37063)

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting XSS due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the...

5.4CVSS6.1AI score0.01333EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.6 views

FLIR Systems AX8 Cameras Path Traversal (CVE-2023-51127)

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...

7.5CVSS7.4AI score0.01254EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

FLIR Systems AX8 Cameras OS Command Injection (CVE-2022-37061)

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow th...

9.8CVSS7.7AI score0.99618EPSS
Exploits11References14
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.2 views

FLIR Systems AX8 Cameras Path Traversal (CVE-2022-37060)

FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...

7.5CVSS7.1AI score0.15195EPSS
Exploits4References9
OSV
OSV
added 2024/01/10 9:15 p.m.3 views

CVE-2023-51126

Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 Jan 2023 the FLIR AX8 should no longer be affected by the...

9.8CVSS5.8AI score0.31097EPSS
Exploits1References1
OSV
OSV
added 2022/08/18 6:15 p.m.5 views

CVE-2022-37061

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow th...

9.8CVSS6.1AI score0.99618EPSS
Exploits11References7
OSV
OSV
added 2022/08/18 6:15 p.m.3 views

CVE-2022-37063

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting XSS due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the...

5.4CVSS6AI score0.01333EPSS
Exploits3References3
OSV
OSV
added 2022/08/18 5:15 p.m.3 views

CVE-2022-37060

FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access restriction. An unauthenticated, remote attacker can exploit this by sending a URI that contains directory traversal characters to disclose the contents of files...

7.5CVSS5.7AI score0.15195EPSS
Exploits4References4
Rows per page
Query Builder