FLIR Brickstream 3D+ Unauthenticated RTSP Stream Access Vulnerability
Vulnerability
A vulnerability in the FLIR Brickstream 3D+ firmware version 2.1.742.1842 allows remote attackers to access live video streams without authentication. This issue arises from the sensor's RTSP stream being exposed, enabling unauthorized retrieval of video images through direct access to various image endpoints.
Impact
Exploitation of this vulnerability leads to unauthorized access to live video streams, allowing for real-time surveillance without the knowledge or consent of those being observed.
Reproduction
The vulnerability can be reproduced by sending a request to the exposed image endpoints on the device. This can be automated with a script that downloads images from these endpoints, which can then be compiled into a video using a tool like ffmpeg.
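For operators checking sensors they run, the following added example (not part of the original advisory or of any FLIR tooling) classifies how an image endpoint answers a request that carries no credentials. The endpoint path is a placeholder because the advisory does not name the endpoints, and the names `classify_response` and `probe` are chosen here for illustration.

```python
"""Audit helper: does an image endpoint on a sensor you operate answer without credentials?"""
import sys
import urllib.error
import urllib.request

# Magic bytes of common still-image formats (JPEG, PNG, GIF, BMP).
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF8", b"BM")


def classify_response(status, headers, body):
    """Classify the reply to a request that carried no credentials.

    Returns "exposed" (image data served), "auth-required" (401/403),
    or "inconclusive" (anything else, e.g. an HTML login page or a 404).
    """
    if status in (401, 403):
        return "auth-required"
    ctype = ""
    for name, value in headers.items():
        if name.lower() == "content-type":
            ctype = value.lower()
    looks_like_image = ctype.startswith("image/") or body.startswith(IMAGE_MAGIC)
    if 200 <= status < 300 and looks_like_image:
        return "exposed"
    return "inconclusive"


def probe(url, timeout=5.0):
    """Fetch url with no Authorization header or cookies and classify the reply."""
    request = urllib.request.Request(url, method="GET")
    try:
        with urllib.request.urlopen(request, timeout=timeout) as resp:
            # Only the first bytes are read: enough for the magic-number check.
            return classify_response(resp.status, resp.headers, resp.read(16))
    except urllib.error.HTTPError as err:
        return classify_response(err.code, err.headers, b"")
    except (urllib.error.URLError, OSError):
        return "unreachable"


if __name__ == "__main__":
    # Usage: python audit.py http://SENSOR_ADDRESS/IMAGE_ENDPOINT_PLACEHOLDER ...
    # The advisory does not list the endpoint paths; take them from your device documentation.
    results = {url: probe(url) for url in sys.argv[1:]}
    for url, verdict in results.items():
        print(f"{verdict:14} {url}")
    sys.exit(1 if "exposed" in results.values() else 0)
```

An "exposed" verdict means the device served image data to an unauthenticated client and should be placed behind network access controls until it can be fixed.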
