CVE-2022-37063

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the attacker to insert malicious JavaScript code.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-18 18:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-37063

Mitre link : CVE-2022-37063

CVE.ORG link : CVE-2022-37063


JSON object : View

Products Affected

flir

  • flir_ax8
  • flir_ax8_firmware
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')