Описание
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile() function to access local system files without authentication.
Ссылки
EPSS
Процентиль: 52%
0.00288
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.2
github
около 1 месяца назад
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile() function to access local system files without authentication.
EPSS
Процентиль: 52%
0.00288
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-22