CVE-2024-3013

Name of the Vulnerable Software and Affected Versions FLIR AX8 versions up to 1.46.16

Description A critical issue affects the User Registration component, specifically the file /tools/test login.php?action=register. The manipulation leads to improper authorization, and the attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For FLIR AX8 versions up to 1.46.16, consider disabling access to the /tools/test login.php?action=register endpoint until a patch is available. Restrict access to the User Registration component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.