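FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially initiate denial of service by sending crafted WebSocket messages without authentication.
Note: the only populated CVSS v3.1 vector in the JSON record below (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, 7.5 HIGH) rates integrity and availability impact as none, which understates the configuration-modification and denial-of-service impact described here; triage on the description rather than on that score alone.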
FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthenticated Websocket Device Manipulation
Problem type
CWE-306: Missing Authentication for Critical Function
Affected products
FLIR Systems, Inc. — Thermal Traffic Cameras
V1.01-0bb5b27 - AFFECTED
E1.00.09 - AFFECTED
V1.02.P01 - AFFECTED
V1.05.P01 - AFFECTED
V1.04.P02 - AFFECTED
V1.04 - AFFECTED
V1.01.P02 - AFFECTED
V1.05.P03 - AFFECTED
V1.06 - AFFECTED
V1.02.P02 - AFFECTED
References
https://www.exploit-db.com/exploits/45539
https://www.flir.com
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5490.php
GitHub Security Advisories
GHSA-h2gq-4xqf-ccqf
FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in...
https://github.com/advisories/GHSA-h2gq-4xqf-ccqf
FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially initiate denial of service by sending crafted WebSocket messages without authentication.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2018-25140
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2018-25140",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2025-12-24T20:26:09.413Z",
"dateReserved": "2025-12-24T14:28:02.434Z",
"datePublished": "2025-12-24T19:27:47.524Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2025-12-24T19:27:47.524Z"
},
"datePublic": "2018-10-06T00:00:00.000Z",
"title": "FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthenticated Websocket Device Manipulation",
"descriptions": [
{
"lang": "en",
"value": "FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially initiate denial of service by sending crafted WebSocket messages without authentication."
}
],
"affected": [
{
"vendor": "FLIR Systems, Inc.",
"product": "Thermal Traffic Cameras",
"versions": [
{
"version": "V1.01-0bb5b27",
"status": "affected"
},
{
"version": "E1.00.09",
"status": "affected"
},
{
"version": "V1.02.P01",
"status": "affected"
},
{
"version": "V1.05.P01",
"status": "affected"
},
{
"version": "V1.04.P02",
"status": "affected"
},
{
"version": "V1.04",
"status": "affected"
},
{
"version": "V1.01.P02",
"status": "affected"
},
{
"version": "V1.05.P03",
"status": "affected"
},
{
"version": "V1.06",
"status": "affected"
},
{
"version": "V1.02.P02",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Missing Authentication for Critical Function",
"cweId": "CWE-306",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/45539",
"name": "ExploitDB-45539",
"tags": [
"exploit"
]
},
{
"url": "https://www.flir.com",
"name": "FLIR Systems Official Website",
"tags": [
"product"
]
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5490.php",
"name": "Zero Science Lab Disclosure (ZSL-2018-5490)",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
}
],
"credits": [
{
"lang": "en",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab",
"type": "finder"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-24T20:26:09.413Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5490.php",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}