FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file.
Directory Traversal
FLIR
Remote
true
Lin Xinkang and Xu Guanhong from Wuhan University
This page will be used to disclose information about CVE-2023-51127, and may be updated with detailed exploitation procedures later.