| Title | FLIR FLIR FB-Series O FLIR FB-Series O and ID Firmware, Version 1.3.2.16 Improper Access Controls |
|---|
| Description | Production.html is a powerful management backend designed for internal production and debugging purposes. Its design intent is clearly private (evident from the directory name "priv"), but due to server misconfiguration, it is exposed on the public network, allowing any attacker who knows its URL to directly access it without any authentication. This vulnerability combines unauthorized access, information disclosure, and potential remote code execution into a complete, high-risk attack entry point. |
|---|
| Source | ⚠️ https://github.com/waiwai24/0101/blob/main/CVEs/FLIR/Production_html_Management_Backend_Unauthorized_Access.md |
|---|
| User | waiwai24 (UID 81637) |
|---|
| Submission | 07/04/2025 21:11 (12 months ago) |
|---|
| Moderation | 07/13/2025 09:47 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316274 [Teledyne FLIR FB-Series O/FLIR FH-Series ID 1.3.2.16 Production Tools production.html access control] |
|---|
| Points | 20 |
|---|