CVE-2023-51126
Published: 10 January 2024
Summary
CVE-2023-51126 is a critical-severity command injection (CWE-77) vulnerability in FLIR AX8 thermal camera firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 5.0% of CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
Deeper analysis
CVE-2023-51126 is a command injection vulnerability in the /usr/www/res.php endpoint of FLIR AX8 thermal cameras running firmware up to version 1.46.16. The flaw lies in the handling of the value parameter; it is classified as CWE-77 and carries a CVSS 3.1 base score of 9.8.
An unauthenticated attacker with network access to the camera's web interface can supply crafted input in that parameter and execute arbitrary operating-system commands on the device, with full confidentiality, integrity, and availability impact and no user interaction required.
The vendor has stated that firmware 1.49.16, released in January 2023, resolves the issue; the latest release is 1.55.16 from June 2024. Public references consist of a GitHub repository containing proof-of-concept material.
The CVE's EPSS score rose to a peak of 0.2593 before receding to the current 0.1623, which still indicates measurable post-disclosure exploitation interest.
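A practical way to look for attempts against this endpoint is to inspect web-server access logs for requests to res.php whose value parameter, once fully percent-decoded, contains shell metacharacters. The script below is an added example written for this page; it is not FLIR's code and not taken from the referenced proof-of-concept. It assumes an Apache/nginx "combined" log format, assumes the affected script is served at a web path ending in res.php (the advisory only gives the filesystem path /usr/www/res.php), and runs over constructed sample lines embedded in the block.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed sample lines in Apache/nginx "combined" format (not real FLIR
# telemetry).  Lines 2 and 4 carry shell metacharacters in `value`; line 4
# is percent-encoded twice to show why one round of decoding is not enough.
SAMPLE_LOG = """\
10.0.0.5 - - [11/Jan/2024:09:12:01 +0000] "GET /res.php?action=get&value=temperature HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [11/Jan/2024:09:12:07 +0000] "GET /res.php?action=get&value=x;id HTTP/1.1" 200 170 "-" "curl/8.4.0"
10.0.0.5 - - [11/Jan/2024:09:12:09 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
10.0.0.9 - - [11/Jan/2024:09:12:15 +0000] "GET /res.php?action=get&value=x%2524%2528cat%2520%252Fetc%252Fpasswd%2529 HTTP/1.1" 200 900 "-" "python-requests/2.31"
"""

# Request part of the combined log format: client IP, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Characters and sequences that change the meaning of a shell command line:
# separators, pipes, background/AND, backticks, CR/LF, redirection, $( and ${.
SHELL_META = re.compile(r"[;|&`\r\n<>]|\$[({]")

# Assumption: the affected script is served at a path ending in res.php.
TARGET_SCRIPT = "res.php"


def fully_unquote(s, rounds=3):
    """Percent-decode until the string stops changing (bounded), so that
    double-encoded payloads like %2524 -> %24 -> $ are inspected decoded."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def query_params(query):
    """Split a raw query string on '&' only and decode each part.  Done by hand
    because parse_qs() in older Pythons also split on ';', which would hide
    exactly the separator an injection like value=x;id relies on."""
    params = []
    for part in query.split("&"):
        if not part:
            continue
        key, _, value = part.partition("=")
        params.append((fully_unquote(key), fully_unquote(value)))
    return params


def analyze_line(line):
    """Return (ip, timestamp, [suspicious decoded `value` params]) for one
    log line, or None when the line is unparseable or not for res.php."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if not url.path.endswith(TARGET_SCRIPT):
        return None
    hits = [v for k, v in query_params(url.query)
            if k == "value" and SHELL_META.search(v)]
    return m["ip"], m["ts"], hits


def scan(log_text):
    """Return one (ip, timestamp, decoded value) tuple per suspicious request."""
    findings = []
    for line in log_text.splitlines():
        result = analyze_line(line)
        if result and result[2]:
            ip, ts, hits = result
            findings.extend((ip, ts, v) for v in hits)
    return findings


if __name__ == "__main__":
    for ip, ts, value in scan(SAMPLE_LOG):
        print(f"{ts} {ip} res.php value={value!r}")
```

Two caveats a practitioner should keep in mind: a GET-only access log shows nothing about parameters sent in a POST body, so the same check must be applied at a proxy or WAF that can see the body; and the metacharacter list is deliberately broad, so tune it against the camera's legitimate value strings before alerting on it.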
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-55848
Vulnerability details
Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
- CWE(s): CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
FLIR AX8 thermal cameras running firmware up to 1.46.16; per the vendor, firmware 1.49.16 and later (latest 1.55.16) is not affected.
Mitigating Controls
No mitigating controls have been mapped by the per-CVE control annotator yet. Based on the vendor statement above, the primary control is to update affected cameras to firmware 1.49.16 or later (1.55.16 is the latest release); until that is done, restrict network access to the camera's web interface so that untrusted hosts cannot reach res.php, since the flaw is reachable without authentication.