Description
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.
Exploits (1)
References (3)
Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit
https://www.exploit-db.com/exploits/45606
Product product
https://www.flir.com
Exploit, Third Party Advisory third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5492.php
Scores
CVSS v3
7.5
EPSS
0.0023
EPSS Percentile
45.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-306
Status
published
Products (2)
flir/flir_ax8_firmware
1.32.16
flir/flir_ax8_firmware
1.17.13
Published
Dec 24, 2025
Tracked Since
Feb 18, 2026