Vulnerable Assets Library
A searchable database of maritime OT equipment with known vulnerabilities — covering navigation systems, engine automation, power management, and vessel control CBS from major marine vendors. Search by vendor, product family, or CVE ID to check whether equipment on your vessel has documented vulnerabilities requiring attention or patch management action.
Searchable by vendor
CVE referenced
Marine OT vendors
Continuously updated
Audit Level: Tactical
Records optimised: 30.06.2026 17:00 UTC
CVE-2022-37061 — Teledyne FLIR: n/a
Published: 2022-08-18 | Updated: 2025-10-17
N/A 0All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the root privileges. NOTE: The vendor has stated that with the introduction of firmware version 1.49.16 (Jan 2023) the FLIR AX8 should no longer be affected by the vulnerability reported. Latest firmware version (as of Oct 2025, was released Jun 2024) is 1.55.16.
CVSS VECTOR: N/A
Get new CVE entries like these in your inbox weekly.
Subscribe →
Disclaimer & Methodology
The Marine OT Vulnerable Assets Library is a curated repository of security advisories identified through automated heuristic filtering. Users should verify hardware revisions with manufacturers before patching.