5 matches found
Prima Systems FlexAir Authentication Bypass (CVE-2019-7667)
An authentication bypass vulnerability exists in Prima Systems FlexAir Access Control Database. Successful exploitation of this vulnerability could allow an attacker to download the database file, disclose login information, and have full access to the system...
Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name
!/usr/bin/env python -- coding: utf8 -- Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name Exploit Authentication Bypass Login with MD5 hash CVE: CVE-2019-7666, CVE-2019-7667 Advisory: https://applied-risk.com/resources/ar-2019-007 Paper:...
FlexAir Access Control 2.3.35 - Authentication Bypass Exploit
Exploit for hardware platform in category web applications Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
FlexAir Access Control 2.3.35 - Authentication Bypass
Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 2.3.35 Tested on: NA...
CVE-2019-7667
CVE-2019-7667 affects Prima Systems FlexAir (versions 2.3.38 and prior). The flaw is that database backup files are created with predictable names, allowing brute-force identification of the backup file. An attacker could download the backup, obtain login information, and bypass authentication to...