FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and log in to multiple camera interfaces using predefined username and password combinations.
PUBLISHED | 5.2 | CWE-798
FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass
Problem type
Affected products
FLIR Systems
FLIR AX8 Thermal Camera
1.32.16 - AFFECTED
References
ExploitDB-45629
https://www.exploit-db.com/exploits/45629
FLIR Systems Official Product Homepage
https://www.flir.com
Zero Science Lab Disclosure (ZSL-2018-5494)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php
GitHub Security Advisories
GHSA-8j6v-82x4-pg34
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be...
https://github.com/advisories/GHSA-8j6v-82x4-pg34
FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and log in to multiple camera interfaces using predefined username and password combinations.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2018-25138
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2018-25138",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2025-12-24T20:26:22.231Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"datePublished": "2025-12-24T19:27:46.730Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2025-12-24T19:27:46.730Z"
},
"datePublic": "2018-10-14T00:00:00.000Z",
"title": "FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials Authentication Bypass",
"descriptions": [
{
"lang": "en",
"value": "FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and password combinations."
}
],
"affected": [
{
"vendor": "FLIR Systems",
"product": "FLIR AX8 Thermal Camera",
"versions": [
{
"version": "1.32.16",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Use of Hard-coded Credentials",
"cweId": "CWE-798",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/45629",
"name": "ExploitDB-45629",
"tags": [
"exploit"
]
},
{
"url": "https://www.flir.com",
"name": "FLIR Systems Official Product Homepage",
"tags": [
"product"
]
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php",
"name": "Zero Science Lab Disclosure (ZSL-2018-5494)",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
}
],
"credits": [
{
"lang": "en",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab",
"type": "finder"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-24T20:26:22.231Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5494.php",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}