Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter.
References
Link | Resource |
---|---|
https://github.com/risuxx/CVE-2023-51126 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
17 Jan 2024, 21:10
Type | Values Removed | Values Added |
---|---|---|
First Time |
Flir flir Ax8
Flir Flir flir Ax8 Firmware |
|
References | () https://github.com/risuxx/CVE-2023-51126 - Third Party Advisory | |
CPE | cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:* cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:* |
|
CWE | CWE-77 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
10 Jan 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-10 21:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-51126
Mitre link : CVE-2023-51126
CVE.ORG link : CVE-2023-51126
JSON object : View
Products Affected
flir
- flir_ax8
- flir_ax8_firmware
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')