CVE-2023-46295

May 1, 2024, 8:15 p.m.

None
No Score

Description

An issue was discovered in Teledyne FLIR M300 2.00-19. Unauthenticated remote code execution can occur in the web server. An attacker can exploit this by sending a POST request to the vulnerable PHP page. An attacker can elevate to root permissions with Sudo.

Product(s) Impacted

Product Versions
Teledyne FLIR M300
  • ['2.00-19']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-46295

Tags

2024-05-01
cve@mitre.org
CVE-2023-46295

Timeline

Published: May 1, 2024, 8:15 p.m.
Last Modified: May 1, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.