Flir Flir Ax8 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Flir Flir Ax8 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2018-25138 — CVSS 9.8 (critical): FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations…
CVE-2022-37061 — CVSS 9.8 (critical): All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited…
CVE-2023-51126 — CVSS 9.8 (critical): Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value…
CVE-2025-5126 — CVSS 8.8 (high): A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file…
CVE-2022-37062 — CVSS 7.5 (high): All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper…
CVE-2022-37060 — CVSS 7.5 (high): FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory Traversal due to an improper access…
CVE-2023-51127 — CVSS 7.5 (high): FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This…
CVE-2018-25139 — CVSS 7.5 (high): FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without…
CVE-2022-4364 — CVSS 7.3 (high): A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file…
CVE-2024-3013 — CVSS 6.3 (medium): A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?acti…
CVE-2025-6266 — CVSS 6.3 (medium): A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file…
CVE-2022-37063 — CVSS 5.4 (medium): All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input…
CVE-2025-5695 — CVSS 4.7 (medium): A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_…
CVE-2025-5127 — CVSS 3.5 (low): A vulnerability was determined in Teledyne FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php…