CVE-2025-5127

Published May 24, 2025

Last updated 6 months ago

CVSS medium 5.1

Overview

Description
A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. Executing manipulation of the argument cmd can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.49.16 is capable of addressing this issue. It is recommended to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
Source
cna@vuldb.com
NVD status
Modified
Products
flir_ax8_firmware

Risk scores

CVSS 4.0

Type
Secondary
Base score
5.1
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
5.4
Impact score
2.7
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

CVSS 2.0

Type
Secondary
Base score
4
Impact score
2.9
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:N/I:P/A:N

Weaknesses

cna@vuldb.com
CWE-79
nvd@nist.gov
CWE-79

Social media

Hype score
Not currently trending

  1. 18 new OPEN, 41 new PRO (18 + 23) Cacti (CVE-2025-66399), D-Link (CVE-2025-9769), FLIR (CVE-2025-5127), Oracle (CVE-2025-61757), TA451, TA453, Tenda (CVE-2025-9813), Western Digital (CVE-2016-10108, CVE-2016-10107), Zyxel (CVE-2025-8078) and more https://t.co/QpfhWo6NvF https://

    @ET_Labs

    2 Dec 2025

    336 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🟠 FLIR AX8, Cross-Site Scripting (XSS), #CVE-2025-5127 (Medium) https://t.co/nPZtkoySt2

    @dailycve

    16 Jun 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-5127 Cross-Site Scripting in FLIR AX8 via /prod.php Argument Manipulation https://t.co/2rnFzeTTBA

    @VulmonFeeds

    24 May 2025

    75 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-5127 A vulnerability, which was classified as problematic, has been found in FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. The ma… https://t.co/eSjJY2XZyX

    @CVEnew

    24 May 2025

    894 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.CVE-2018-25139
  2. FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations.CVE-2018-25138
  3. A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results in unrestricted upload. It is possible to initiate the attack remotely. The exploit is now public and may be used. Upgrading to version 1.49.16 addresses this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."CVE-2025-6266
  4. A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.49.16 will fix this issue. It is suggested to upgrade the affected component. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."CVE-2025-5695
  5. A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the argument year/month/day/hour/minute results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 1.49.16 is able to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."CVE-2025-5126

References

Sources include official advisories and independent security research.