Vulners
Lucene search
FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | CVE-2017-20214 | 7 Jan 202623:26 | – | circl |
 | FLIR Thermal Camera 信任管理问题漏洞 | 8 Jan 202600:00 | – | cnnvd |
 | CVE-2017-20214 | 7 Jan 202623:09 | – | cve |
 | CVE-2017-20214 FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 Hard-Coded SSH Credentials Vulnerability | 7 Jan 202623:09 | – | cvelist |
 | CVE-2017-20214 | 8 Jan 202600:15 | – | nvd |
 | SSH Brute Force Logins With Default Credentials Reporting | 2 Nov 201600:00 | – | openvas |
| FLIR Systems Cameras Multiple Vulnerabilities | 26 Sep 201700:00 | – | openvas |
 | PT-2026-1668 | 8 Jan 202600:00 | – | ptsecurity |
 | CVE-2017-20214 | 9 Jan 202608:38 | – | redhatcve |
 | CVE-2017-20214 FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 Hard-Coded SSH Credentials Vulnerability | 7 Jan 202623:09 | – | vulnrichment |
10
<html><body><p>FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials
Vendor: FLIR Systems, Inc.
Product web page: http://www.flir.com
Affected version: Firmware version: 8.0.0.64
Software version: 10.0.2.43
Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2
FC-Series S (FC-334-NTSC)
FC-Series ID
FC-Series-R
PT-Series (PT-334 200562)
D-Series
F-Series
Summary: FLIR's PT-Series of high-performance, multi-sensor pan/tilt cameras
bring thermal and visible-light imaging together in a system that gives you
video and control over both IP and analog networks. The PT-Series' precision
pan/tilt mechanism gives you accurate pointing control while providing fully
programmable scan patterns, radar slew-to-cue, and slew-to-alarm functions.
PT-Series cameras define a new standard of performance with five models that
provide full 640x480 thermal resolution.
Desc: FLIR utilizes hard-coded credentials within its Linux distribution image.
These sets of credentials are never exposed to the end-user and cannot be changed
through any normal operation of the camera.
Tested on: Linux 2.6.18_pro500-davinci_evm-arm_v5t_le
Linux 2.6.10_mvl401-davinci_evm-PSP_01_30_00_082
Nexus Server/2.5.29.0
Nexus Server/2.5.14.0
Nexus Server/2.5.13.0
lighttpd/1.4.28
PHP/5.4.7
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2017-5436
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5436.php
23.03.2017
--
root:indigo
root:video
default:video
default:[blank]
ftp:video
</p></body></html>Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
25 Sep 2017 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.17.5
CVSS 49.3
EPSS0.0006
SSVC