Lorex Technology is providing notice to its customers of a potential vulnerability relating to the original FLIR FX camera (models FX-V101H/W). These models were manufactured between 2/13/15 and 1/13/16. We have assessed the risk of unauthorized access to be low but take any potential vulnerability very seriously. In order to exploit the vulnerability, a hacker would need to (1) know the unique device ID (a 12-digit randomly generated alphanumeric number that is unique to each product), (2) know the url where the stream is located and (3) have access to certain software tools. The vulnerability only affects the original FLIR FX camera (FX-V101H/W) and does not affect the newer FXC series models (FS21, FXC101, FXC12, FXC13, FXC22, FXC32, FXC33).
We are actively working with FLIR and our technology partners to address this potential vulnerability and expect to implement a solution soon. We will post updates here as new information is available.