virus logo Intrusion Prevention

FLIR.AX8.Thermal.Camera.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection vulnerability in FLIR AX8 Thermal Cameras.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary OS commands within the context of the application, via a crafted HTTP request.

description-logoOutbreak Alert

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities. According to Fortinet research analysis the most recent distribution of Zerobot includes additional capabilities such a new DDoS attack capabilities and exploiting Apache vulnerabilities.

View the full Outbreak Alert Report

affected-products-logoAffected Products

FLIR AX8 Thermal Camera 1.46.16 and earlier

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2022-09-07 22.387
Modified
 Sig Added
2022-09-01 22.385
Modified
 Sig Added
2018-12-05 13.503
Modified
 Default_action:pass:drop
2018-11-01 13.483
Modified
 Sig Added
2018-10-30 13.481
New

References

45602
ID 47031
Created Nov 01, 2018
Updated Sep 06, 2022
CVE ID
Tags Zerobot Attack
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 93.52%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type OS Command Injection