5 matches found
CVE-2017-20213
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera...
PT-2025-53360
FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially...
PT-2025-53361
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without...
Teledyne FLIR FB-Series O和Teledyne FLIR FH-Series ID 注入漏洞
The Teledyne FLIR FB-Series O and Teledyne FLIR FH-Series ID are both a series of thermal imaging cameras from Teledyne FLIR USA. An injection vulnerability exists in Teledyne FLIR FB-Series O and Teledyne FLIR FH-Series ID version 1.3.2.16, which stems from command injection due to misbehavior o...
Metasploit Weekly Wrap-Up
C is for cookie And that’s good enough for Apache CouchDB, apparently. Our very own Jack Heysel added an exploit module based on CVE-2022-24706 targeting CouchDB prior to 3.2.2, leveraging a special default ‘monster’ cookie that allows users to run OS commands. This fake computer I just made says...