E18-0z6l1
CVSS:
6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)
False Positive:
t
Variants:
1
Year:
2018
Description
This strike exploits a directory traversal vulnerability in FLIR AX8 Thermal Camera. The vulnerability is due to lack of input sanitization while downloading config files using the 'file' parameter in download.php. Successful exploitation results in the disclosure of arbitrary file contents from the target server.