EIP-2026-101736

PRE-CVE

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101736. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates unauthenticated command injection in FLIR AX8 thermal cameras via unsanitized HTTP POST parameters in res.php and palette.php, allowing arbitrary system command execution with root privileges.

Description

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythonwebappshardware

https://www.exploit-db.com/exploits/45602

View Code ZIP pw:eip

This exploit demonstrates unauthenticated command injection in FLIR AX8 thermal cameras via unsanitized HTTP POST parameters in res.php and palette.php, allowing arbitrary system command execution with root privileges.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: FLIR AX8 Thermal Camera (Firmware: 1.32.16, 1.17.13, OS: neco_v1.8-0-g7ffe5b3)

No auth needed

Prerequisites: Network access to the target device · HTTP POST request capability

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026