CVE-2019-7669
- Reference to the description:
- Description:
- Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with root privileges.
- Last updated date:
- 10/21/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/21/2022
- Reference url to background
http://packetstormsecurity.com/files/155270/FlexAir-Access-Control-2.3.38-Command-Injection.html