CVE-2018-25139
Unknown Unknown - Not Provided
Unauthenticated RTSP Access in FLIR AX8 Thermal Camera

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly connect to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-15
NVD
CVE-2018-25139
EUVD
EUVD-2025-205346
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
lighttpd lighttpd 1.4.33
flir flir_ax8_thermal_camera 1.32.16
flir flir_ax8_thermal_camera 1.17.13
php php 5.4.14
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in FLIR AX8 Thermal Camera firmware version 1.32.16 allows remote attackers to access the live video stream without any authentication. Attackers can connect directly to the RTSP stream using tools like VLC or FFmpeg to view and record thermal camera footage. The vulnerability exposes sensitive visual data by permitting unauthorized access to the thermal sensor's live video stream. [1, 2]

Impact Analysis

The vulnerability can impact you by exposing sensitive thermal camera footage to unauthorized parties. This can compromise security monitoring and operational integrity, as attackers can view and record live video streams without credentials. It may also allow attackers to disrupt the video stream by freezing it via specific POST requests, potentially affecting critical equipment monitoring. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to access the RTSP stream of the FLIR AX8 Thermal Camera without authentication using tools like VLC, FFmpeg, or FFplay. Proof-of-concept commands include connecting directly to the RTSP stream URL to view or record the live thermal video stream. Additionally, an HTTP request can be made to download a snapshot image from the device. These methods verify if the camera allows unauthenticated access to its video streams. [1]

Mitigation Strategies

Immediate mitigation steps include restricting network access to the FLIR AX8 Thermal Camera to trusted users only, such as by placing the device behind a firewall or VPN. Monitoring and blocking unauthorized RTSP connections can help prevent exploitation. Applying any available firmware patches or updates released by FLIR Systems is critical once they are available. Additionally, following FLIR's cybersecurity hardening guides and bulletins is recommended to enhance device security. [2]

Compliance Impact

The vulnerability allows unauthenticated access to live video streams from the FLIR AX8 Thermal Camera, exposing sensitive visual data. This unauthorized disclosure of potentially sensitive information could lead to non-compliance with data protection regulations such as GDPR or HIPAA, which require protection of personal and sensitive data. However, specific impacts on compliance with these standards are not detailed in the provided resources. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25139. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart