- Description
- A vulnerability classified as critical has been found in FLIR AX8 up to 1.46.16. This affects the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.55.16 is able to address this issue. It is recommended to upgrade the affected component.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 4.7
- Impact score
- 3.4
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 5.8
- Impact score
- 6.4
- Exploitability score
- 6.4
- Vector string
- AV:N/AC:L/Au:M/C:P/I:P/A:P
- Hype score
- Not currently trending
🚨#CyberAlert: Critical vulnerability CVE-2025-5695 found in #FLIR AX8 (up to v1.46.16) affects backend functions, leading to remote command injection. 🚦Public exploit disclosed! 🚀 Upgrade to v1.55.16 NOW to secure your systems! 🔒 #Infosec #CyberSecurity #StaySafe
@SecAideInfo
8 Jun 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5695 A vulnerability classified as critical has been found in FLIR AX8 up to 1.46.16. This affects the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of th… https://t.co/oWQXS0F6xP
@CVEnew
5 Jun 2025
499 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38C9FAE6-3C28-4C1F-AD3D-07F554ADEA95",
"versionEndIncluding": "1.46.16",
"versionStartIncluding": "1.46.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2A4DACB7-0558-4C74-8EDB-39591236ADEE"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]