FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authentication bypass and privilege escalation.
PUBLISHED5.2CWE-306
FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Config File Disclosure
Problem type
Affected products
FLIR Systems, Inc.
FLIR Brickstream 3D+
2.1.742.1842 - AFFECTED
References
ExploitDB-45599
https://www.exploit-db.com/exploits/45599
FLIR Brickstream Product Homepage
http://www.brickstream.com
Zero Science Lab Disclosure (ZSL-2018-5495)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5495.php
GitHub Security Advisories
GHSA-8hvh-73q5-g7pg
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig...
https://github.com/advisories/GHSA-8hvh-73q5-g7pgFLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authentication bypass and privilege escalation.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2018-25137Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2018-25137",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2025-12-24T20:26:28.490Z",
"dateReserved": "2025-12-24T14:28:02.433Z",
"datePublished": "2025-12-24T19:27:46.300Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2025-12-24T19:27:46.300Z"
},
"datePublic": "2018-10-14T00:00:00.000Z",
"title": "FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Config File Disclosure",
"descriptions": [
{
"lang": "en",
"value": "FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially enabling authentication bypass and privilege escalation."
}
],
"affected": [
{
"vendor": "FLIR Systems, Inc.",
"product": "FLIR Brickstream 3D+",
"versions": [
{
"version": "2.1.742.1842",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Missing Authentication for Critical Function",
"cweId": "CWE-306",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/45599",
"name": "ExploitDB-45599",
"tags": [
"exploit"
]
},
{
"url": "http://www.brickstream.com",
"name": "FLIR Brickstream Product Homepage",
"tags": [
"product"
]
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5495.php",
"name": "Zero Science Lab Disclosure (ZSL-2018-5495)",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
}
],
"credits": [
{
"lang": "en",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab",
"type": "finder"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-24T20:26:28.490Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5495.php",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}