FLIR Systems AX8 Cameras Improper Access Control (CVE-2025-6266)

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

FLIR Systems AX8 Cameras Command Injection (CVE-2025-5126)

A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be...

FLIR Systems AX8 Cameras Incorrect Privilege Assignment (CVE-2024-3013)

A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/testlogin.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploi...

CVE-2025-6266

A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public...

CVE-2025-5695

A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribetospot/subscribetodelta/subscribetoalarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch...

CVE-2025-5127

A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be...