CVE-2025-5127 | FLIR AX8 up to 1.46.16 /prod.php cmd cross site scripting

Inserito da Angelo Barbosa | Mag 23, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. The manipulation of the argument cmd leads to cross site scripting.

The identification of this vulnerability is CVE-2025-5127. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5127 | FLIR AX8 up to 1.46.16 /prod.php cmd cross site scripting

Post correlati

CVE-2024-36516 | Zoho ManageEngine ADAudit Plus up to 7999 Dashboard sql injection

CVE-2024-50510 | Web and Print Design AR for Woocommerce Plugin up to 6.2 on WordPress unrestricted upload

CVE-2025-46628 | Tenda RX2 16.03.30.14 UDP Packet ate improper authorization

CVE-2024-58237 | Linux Kernel up to 6.12.8 bpf bpf_helper_changes_pkt_data privilege escalation