CVE-2025-7576

HIGH

Teledyne FLIR FB- and FH-Series 1.3.2.16 - Improper Access Controls

Title source: llm

Description

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/production.html of the component Production Tools. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (5)

Core 5

Core References

Permissions Required, VDB Entry vdb-entry

https://vuldb.com/?id.316274

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.316274

Permissions Required, VDB Entry third-party-advisory

https://vuldb.com/?submit.609549

Various Sources related

https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Production_html_Management_Backend_Unauthorized_Access.md

View Writeup ZIP pw:eip

Various Sources exploit

https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Production_html_Management_Backend_Unauthorized_Access.md#poc

View Writeup ZIP pw:eip

Scores

CVSS v3 7.3

EPSS 0.0008

EPSS Percentile 23.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-266 CWE-284

Status published

Products (2)

Teledyne/FLIR FB-Series O 1.3.2.16

Teledyne/FLIR FH-Series ID 1.3.2.16

Published Jul 14, 2025

Tracked Since Feb 18, 2026