CVE-2017-20212

Publication date

2026-01-07 23:09:54

Family

VulnCheck

State

PUBLISHED

Description

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile() function to access local system files without authentication.