FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure

Discussion in 'News Aggregator' started by Packet Storm, 16 Oct 2018.

  1. Packet Storm

    Packet Storm Guest

    The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure vulnerability when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.

    Continue reading...
     
    #1 Packet Storm, 16 Oct 2018
(You must log in or sign up to post here.)

Share This Page

Loading...