PT-2024-14054 · Flir · Flir Ax8
Lin Xinkang
+1
·
Published
2024-01-01
·
Updated
2025-10-17
·
CVE-2023-51127
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
FLIR AX8 thermal sensor cameras up to and including 1.46.16
Description
The issue is related to Directory Traversal due to improper access restriction, allowing an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file.
Recommendations
For FLIR AX8 thermal sensor cameras up to and including 1.46.16, consider restricting access to the upload feature to prevent exploitation until a patch is available.
As a temporary workaround, avoid using the upload feature for symbolic link files until the issue is resolved.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flir Ax8