Brickstream 3D+

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2018-25137	Flir Brickstream 3D+	Hig	0.49	7.5	0.00	Dec 24, 2025	FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially…
CVE-2018-25136	Flir Brickstream 3D+	Hig	0.49	7.5	0.00	Dec 24, 2025	FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can retrieve video stream images by directly accessing multiple image endpoints like middleImage.jpg,…
CVE-2018-3813	Flir Brickstream 3D+		0.00	—	0.01	Jan 1, 2018	getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.

CVE-2018-25137HigDec 24, 2025
Flir
Brickstream 3D+
risk 0.49cvss 7.5epss 0.00
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig REST API that allows attackers to download sensitive configuration files. Attackers can exploit the getConfigExportFile.cgi endpoint to retrieve system configurations, potentially…
CVE-2018-25136HigDec 24, 2025
Flir
Brickstream 3D+
risk 0.49cvss 7.5epss 0.00
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can retrieve video stream images by directly accessing multiple image endpoints like middleImage.jpg,…
CVE-2018-3813Jan 1, 2018
Flir
Brickstream 3D+
risk 0.00cvss —epss 0.01
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.