CVE-2025-5695 | FLIR AX8 up to 1.46.16 Backend subscriptions.php command injection

A vulnerability classified as critical has been found in FLIR AX8 up to 1.46.16. This affects the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. The manipulation leads to command injection.

This vulnerability is uniquely identified as CVE-2025-5695. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More