← back
CVE-2017-20213

FLIR Thermal Camera F/FC/PT/D Stream 8.0.0.64 Unauthenticated Stream Disclosure

CVSS 8.7 HIGHEPSS 0.4%CWE-306
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera series without requiring any authentication.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
FLIR Systems, Inc. · FLIR Thermal Camera F/FC/PT/D Stream

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cxsecurity.com/issue/WLB-2017090204https://packetstormsecurity.com/files/144323https://web.archive.org/web/20171011125811/https://www.flir.com/security/blog/details/?ID=87043https://www.exploit-db.com/exploits/42789/https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5435.php