CVE-2018-25141
Unknown Unknown - Not Provided
Unauthenticated Video Stream Access in FLIR Thermal Cameras

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve video streams by accessing specific endpoints like /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs without authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25141
EUVD
EUVD-2025-205345
Affected Vendors & Products
Showing 11 associated CPEs
Vendor Product Version / Range
flir tiip2 *
flir vip-ip *
flir trafiradar *
nginx nginx 1.8.0
flir trafione *
flir traficam *
nginx nginx 1.10.2
nginx nginx 1.12.1
flir trafisense *
flir tiip4edge *
flir thermicam *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows unauthenticated access to live video streams from FLIR thermal traffic cameras, potentially exposing sensitive video data without authorization. This exposure of sensitive personal or surveillance data could lead to non-compliance with privacy regulations such as GDPR or HIPAA, which require protection of personal and sensitive information. However, specific impacts on compliance with these standards are not detailed in the provided resources. [1, 2]

Executive Summary

This vulnerability affects FLIR thermal traffic cameras and allows remote attackers to access live video streams without any authentication. Attackers can retrieve live video feeds by accessing specific endpoints such as /live.mjpeg, /snapshot.jpg, and RTSP streaming URLs directly, exposing sensitive video data without needing credentials. [1, 2]

Impact Analysis

The vulnerability can lead to unauthorized access to live video streams from FLIR thermal traffic cameras, potentially exposing sensitive traffic monitoring footage. This exposure can compromise privacy and security in environments where these cameras are deployed, such as traffic monitoring and dynamic traffic signal control systems. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to access the live video streams from the FLIR thermal traffic cameras without authentication. You can try HTTP requests to endpoints such as /live.mjpeg?id=1 and /snapshot.jpg, or RTSP requests to URLs like rtsp://Target/mpeg4. For example, using curl or wget to fetch http://<camera-ip>/live.mjpeg?id=1 or http://<camera-ip>/snapshot.jpg can help verify if the streams are accessible without credentials. Similarly, using an RTSP client to connect to rtsp://<camera-ip>/mpeg4 can test for unauthorized RTSP stream access. [2]

Mitigation Strategies

The immediate mitigation step is to update the affected FLIR thermal traffic cameras to the patched firmware versions released by FLIR as of September 2018. Applying these firmware updates will fix the unauthenticated access vulnerability. Additionally, restricting network access to the cameras and implementing network-level controls to limit exposure of the camera endpoints can help reduce risk until patches are applied. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25141. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart