FLIR AX8 up to 1.46.16 is vulnerable to command injection via /usr/www/res.php.
command injection
FLIR
in /usr/www/res.php. The parameter value
can inject the command and exec it.
Remote
true
Lin Xinkang from Wuhan University
This page will be used to disclose information about CVE-2023-51126, and may be updated with the PoC for the exploit later.