High severity8.8NVD Advisory· Published Jan 8, 2026· Updated Apr 15, 2026

CVE-2017-20215

Description

FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains an authenticated OS command injection vulnerability that allows attackers to execute shell commands with root privileges. Authenticated attackers can inject arbitrary shell commands through unvalidated input parameters to gain complete control of the thermal camera system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cxsecurity.com/issue/WLB-2017090207nvd
packetstormsecurity.com/files/144325nvd
web.archive.org/web/20171011125811/https://www.flir.com/security/blog/details/nvd
www.exploit-db.com/exploits/42788/nvd
www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5437.phpnvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000