FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file.
References
Link | Resource |
---|---|
https://github.com/risuxx/CVE-2023-51127 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
17 Jan 2024, 22:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:* cpe:2.3:o:flir:flir_ax8_firmware:1.46.16:*:*:*:*:*:*:* |
|
CWE | CWE-22 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Flir flir Ax8
Flir Flir flir Ax8 Firmware |
|
References | () https://github.com/risuxx/CVE-2023-51127 - Third Party Advisory |
10 Jan 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-10 21:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-51127
Mitre link : CVE-2023-51127
CVE.ORG link : CVE-2023-51127
JSON object : View
Products Affected
flir
- flir_ax8
- flir_ax8_firmware
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')