CVE-2017-20215
Unknown Unknown - Not Provided
Authenticated OS Command Injection in FLIR FC-S/PT Firmware Enables Root Access

Publication date: 2026-01-08

Last updated on: 2026-01-08

Assigner: VulnCheck

Description
FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an authenticated OS command injection vulnerability that allows attackers to execute shell commands with root privileges. Authenticated attackers can inject arbitrary shell commands through unvalidated input parameters to gain complete control of the thermal camera system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-08
Last Modified
2026-01-08
Generated
2026-06-16
AI Q&A
2026-01-08
EPSS Evaluated
2026-06-14
NVD
CVE-2017-20215
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
flir thermal_camera_fc-s_pt 8.0.0.64
flir thermal_camera_fc-s_pt 10.0.2.43
flir thermal_camera_fc-s_pt From 1.3.2 (inc) to 1.4.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an authenticated OS command injection in the FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64. It allows an attacker who has valid credentials to inject and execute arbitrary shell commands with root privileges on the device. This means the attacker can gain complete control over the thermal camera system by exploiting unvalidated input parameters, specifically through a POST request to the /page/maintenance/lanSettings/dns endpoint. [1, 2, 3]

Impact Analysis

The impact of this vulnerability is severe as it grants an authenticated attacker root-level command execution on the affected thermal camera devices. This can lead to complete compromise of the device, allowing the attacker to control the system, disrupt its operation, or use it as a foothold to attack other parts of the network. Since these cameras are often used for perimeter protection, exploitation could undermine physical security and network integrity. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by attempting an authenticated POST request to the endpoint `/page/maintenance/lanSettings/dns` with specially crafted parameters that include shell command injection payloads. For example, injecting a command such as `sleep 17` in the DNS server parameters can confirm the presence of the vulnerability by observing the delayed response. This method requires valid authentication credentials on the device. Specific commands would involve using tools like curl or similar HTTP clients to send the POST request with injected shell commands in the parameters. [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the affected FLIR Thermal Camera FC-S/PT devices to trusted users only, ensuring that only authorized personnel have authentication credentials. Additionally, monitoring and controlling network access to the device's management interfaces can reduce exposure. Applying any available firmware or software updates from FLIR Systems that address this vulnerability is critical. If patches are not yet available, consider disabling or limiting the vulnerable functionality or isolating the device from untrusted networks to prevent exploitation. [1, 2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2017-20215. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart