← voltar
CVE-2017-20213

FLIR Thermal Camera F/FC/PT/D Stream 8.0.0.64 Unauthenticated Stream Disclosure

CVSS 8.7 HIGHEPSS 0.4%CWE-306
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera series without requiring any authentication.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
FLIR Systems, Inc. · FLIR Thermal Camera F/FC/PT/D Stream

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cxsecurity.com/issue/WLB-2017090204https://packetstormsecurity.com/files/144323https://web.archive.org/web/20171011125811/https://www.flir.com/security/blog/details/?ID=87043https://www.exploit-db.com/exploits/42789/https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5435.php