10 matches found
EUVD-2025-17027
Malicious code in bioql PyPI...
EUVD-2025-18762
Malicious code in bioql PyPI...
CVE-2025-6266
A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...
PT-2025-26215
Name of the Vulnerable Software and Affected Versions FLIR AX8 versions up to 1.46 Description A critical issue affects the FLIR AX8, where the manipulation of the File argument in the "/upload.php" API endpoint leads to unrestricted file upload. This can be initiated remotely. The estimated numb...
CVE-2025-5695 Teledyne FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injection
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribetospot/subscribetodelta/subscribetoalarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch...
CVE-2025-5126
A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be...
CVE-2025-5127
The CVE-2025-5127 entry concerns Teledyne FLIR AX8 firmware versions up to 1.46.16. The issue arises from how /prod.php processes the cmd parameter, enabling remote cross-site scripting via input manipulation. Public disclosures exist, and exploitation is possible as described in the sources. A f...
PT-2025-22841 · Flir · Flir Ax8
Name of the Vulnerable Software and Affected Versions: FLIR AX8 versions up to 1.46.16 Description: A critical vulnerability was found in FLIR AX8, affecting the setDataTime function of the file usrwwwapplicationmodelssettingsregional.php. The manipulation of the arguments year, month, day, hour,...
CVE-2024-3013
A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/testlogin.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploi...
Arbitrary File Download Vulnerability in FLIR-AX8
Teledyne FLIR specializes in the design, development, production, marketing and promotion of specialized technologies for enhanced situational awareness. An arbitrary file download vulnerability exists in FLIR-AX8. An attacker could exploit the vulnerability to download relevant system...