CVE-2023-51127

EIP tracks 1 public exploit for CVE-2023-51127. PoCs published by risuxx.

AI-analyzed exploit summary The repository describes CVE-2023-51127, a directory traversal vulnerability in FLIR AX8 thermal sensor cameras (up to version 1.46.16). It allows unauthenticated remote attackers to read arbitrary sensitive files by uploading a crafted symbolic link file. The README provides basic vulnerability details but lacks exploitation code or in-depth technical analysis.

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.