CVE-2018-25136

CVE Database · CVE-2018-25136

CVE-2018-25136

· HIGHDeferred

CVSS v3.1

7.5

CVSS v4.0

8.7

EPSS

0.43%

Published

Dec 24, 2025

Modified

Apr 14, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can retrieve video stream images by directly accessing multiple image endpoints like middleImage.jpg, rightimage.jpg, and leftimage.jpg.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-306

References (5)

http://www.brickstream.com

https://www.exploit-db.com/exploits/45607

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5496.php

https://www.exploit-db.com/exploits/45607

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5496.php

KEV Catalog EPSS Scores Vendors All CVEs