Detections
Analytics
FLIR Systems AX8 Cameras OS Command Injection (CVE-2022-37061)
critical Tenable OT Security Plugin ID 505187
Synopsis
The remote OT asset is affected by a vulnerability.Description
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges.NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
http://www.nessus.org/u?4aafc843
http://www.nessus.org/u?af4779fb
http://www.nessus.org/u?521092be
https://gist.github.com/Nwqda/9e16852ab7827dc62b8e44d6180a6899
http://www.nessus.org/u?9b23d5f7
https://www.flir.com/products/ax8-automation/
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5491.php
Plugin Details
Severity: Critical
ID: 505187
File Name: tenable_ot_flirsystems_CVE-2022-37061.nasl
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 2/19/2026
Updated: 2/19/2026
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Critical
Score: 9.0
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/o:flir:flir_ax8_firmware
Required KB Items: Tenable.ot/FLIRSystems
Exploit Ease: No known exploits are available
Patch Publication Date: 8/18/2022
Vulnerability Publication Date: 8/18/2022
Reference Information
CVE: CVE-2022-37061
CWE: 78