A
flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities."
References
| Link | Resource |
|---|---|
| https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf | Broken Link |
| https://vuldb.com/?ctiid.258299 | Permissions Required VDB Entry |
| https://vuldb.com/?id.258299 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.301588 | Third Party Advisory VDB Entry |
| https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf | Broken Link |
| https://vuldb.com/?ctiid.258299 | Permissions Required VDB Entry |
| https://vuldb.com/?id.258299 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.301588 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
History
15 Oct 2025, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-266 | |
| Summary | (en) A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 1.49.16 is sufficient to resolve this issue. Upgrading the affected component is recommended. The vendor points out: "FLIR AX8 internal web site has been refactored to be able to handle the reported vulnerabilities." |
12 Jun 2025, 23:23
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:flir:flir_ax8_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:flir:flir_ax8:-:*:*:*:*:*:*:* |
|
| First Time |
Flir flir Ax8
Flir flir Ax8 Firmware Flir |
|
| References | () https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf - Broken Link | |
| References | () https://vuldb.com/?ctiid.258299 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.258299 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.301588 - Third Party Advisory, VDB Entry |
21 Nov 2024, 09:28
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://h0e4a0r1t.github.io/2024/vulns/FLIR-AX8%20Fixed%20Thermal%20Cameras%20Register%20any%20user%20in%20the%20background--test_login.php.pdf - | |
| References | () https://vuldb.com/?ctiid.258299 - | |
| References | () https://vuldb.com/?id.258299 - | |
| References | () https://vuldb.com/?submit.301588 - |
Information
Published : 2024-03-28 01:15
Updated : 2025-10-15 14:15
NVD link : CVE-2024-3013
Mitre link : CVE-2024-3013
CVE.ORG link : CVE-2024-3013
JSON object : View
Products Affected