24h | 7d | 30d

CVE-2025-55125

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

1 Post

Last activity: 22 hours ago

Fediverse

Dark Web Informer :verified_paw: @DarkWebInformer

🚨 Multiple Veeam CVEs Identified: Critical Flaws Allow RCE and High-Privilege Actions

CVE-2025-55125:

A flaw that allows a Backup or Tape Operator to achieve remote code execution (RCE) as root by crafting a malicious backup configuration file.

▪️Severity: High
▪️CVSS v3.1: 7.2
▪️Source: Discovered during internal testing

CVE-2025-59468:

A vulnerability enabling a Backup Administrator to execute remote code as the postgres user by supplying a malicious password parameter.

▪️Severity: Medium
▪️CVSS v3.1: 6.7
▪️Source: Discovered during internal testing

CVE-2025-59469

A security issue that allows a Backup or Tape Operator to write arbitrary files with root privileges.

▪️Severity: High
▪️CVSS v3.1: 7.2
▪️Source: Discovered during internal testing

CVE-2025-59470

A vulnerability that permits a Backup or Tape Operator to achieve remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.

▪️CVSS Severity: Critical
▪️CVSS v3.1: 9.0
▪️Source: Discovered during internal testing

Veeam: https://www.veeam.com/kb4738
Blog format: https://darkwebinformer.com/multiple-veeam-cves-identified-critical-flaws-allow-rce-and-high-privilege-actions/

0
0
0
22h ago

CVE-2025-59469

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

1 Post

Last activity: 22 hours ago

Fediverse

Dark Web Informer :verified_paw: @DarkWebInformer

🚨 Multiple Veeam CVEs Identified: Critical Flaws Allow RCE and High-Privilege Actions

CVE-2025-55125:

A flaw that allows a Backup or Tape Operator to achieve remote code execution (RCE) as root by crafting a malicious backup configuration file.

▪️Severity: High
▪️CVSS v3.1: 7.2
▪️Source: Discovered during internal testing

CVE-2025-59468:

A vulnerability enabling a Backup Administrator to execute remote code as the postgres user by supplying a malicious password parameter.

▪️Severity: Medium
▪️CVSS v3.1: 6.7
▪️Source: Discovered during internal testing

CVE-2025-59469

A security issue that allows a Backup or Tape Operator to write arbitrary files with root privileges.

▪️Severity: High
▪️CVSS v3.1: 7.2
▪️Source: Discovered during internal testing

CVE-2025-59470

A vulnerability that permits a Backup or Tape Operator to achieve remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter.

▪️CVSS Severity: Critical
▪️CVSS v3.1: 9.0
▪️Source: Discovered during internal testing

Veeam: https://www.veeam.com/kb4738
Blog format: https://darkwebinformer.com/multiple-veeam-cves-identified-critical-flaws-allow-rce-and-high-privilege-actions/

0
0
0
22h ago

CVE-2017-20214

Overview

FLIR Systems, Inc.
FLIR Thermal Camera F/FC/PT/D

07 Jan 2026

Published

07 Jan 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

Pending

MITRE

KEV

Description

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be changed through normal camera operations. Attackers can leverage these persistent, unmodifiable credentials to gain unauthorized remote access to the thermal camera system.

Statistics

1 Post
2 Interactions

Last activity: 15 hours ago

Fediverse

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

0
2
0
15h ago

CVE-2017-20213

Overview

FLIR Systems, Inc.
FLIR Thermal Camera F/FC/PT/D Stream

07 Jan 2026

Published

07 Jan 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

Pending

MITRE

KEV

Description

FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated vulnerability that allows remote attackers to access live camera streams without credentials. Attackers can exploit the vulnerability to view unauthorized thermal camera video feeds across multiple camera series without requiring any authentication.

Statistics

1 Post
2 Interactions

Last activity: 15 hours ago

Fediverse

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

0
2
0
15h ago

CVE-2017-20212

Overview

FLIR Systems, Inc.
FLIR Thermal Camera F/FC/PT/D

07 Jan 2026

Published

07 Jan 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

Pending

MITRE

KEV

Description

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile() function to access local system files without authentication.

Statistics

1 Post
2 Interactions

Last activity: 15 hours ago

Fediverse

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

0
2
0
15h ago

CVE-2017-20216

Overview

FLIR Systems, Inc.
FLIR Thermal Camera PT-Series

07 Jan 2026

Published

07 Jan 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

Pending

MITRE

KEV

Description

FLIR Thermal Camera PT-Series firmware version 8.0.0.64 contains multiple unauthenticated remote command injection vulnerabilities in the controllerFlirSystem.php script. Attackers can execute arbitrary system commands as root by exploiting unsanitized POST parameters in the execFlirSystem() function through shell_exec() calls. Exploitation evidence was observed by the Shadowserver Foundation on 2026-01-06 (UTC).

Statistics

1 Post
2 Interactions

Last activity: 15 hours ago

Fediverse

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

0
2
0
15h ago

CVE-2017-20215

Overview

FLIR Systems, Inc.
FLIR Thermal Camera FC-S/PT

07 Jan 2026

Published

07 Jan 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

Pending

MITRE

KEV

Description

FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an authenticated OS command injection vulnerability that allows attackers to execute shell commands with root privileges. Authenticated attackers can inject arbitrary shell commands through unvalidated input parameters to gain complete control of the thermal camera system.

Statistics

1 Post
2 Interactions

Last activity: 15 hours ago

Fediverse

Old FLIR CVEs just published.

https://www.cve.org/CVERecord?id=CVE-2017-20212

https://www.cve.org/CVERecord?id=CVE-2017-20213

https://www.cve.org/CVERecord?id=CVE-2017-20214

https://www.cve.org/CVERecord?id=CVE-2017-20215

https://www.cve.org/CVERecord?id=CVE-2017-20216

cc: @Dio9sys @da_667

#internetOfShit

0
2
0
15h ago

Showing 71 to 77 of 77 CVEs