mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-02 20:21:38 +02:00
0xMarcio
873 B
873 B
CVE-2019-7669
Description
Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with root privileges.
POC
Reference
- http://packetstormsecurity.com/files/155270/FlexAir-Access-Control-2.3.38-Command-Injection.html
- http://packetstormsecurity.com/files/155270/FlexAir-Access-Control-2.3.38-Command-Injection.html
Github
No PoCs found on GitHub currently.