CVE-2019-7671
published 2019-06-05CVE-2019-7671: Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to scripts are not properly sanitized before being returned to the user, which may allow an…
PriorityP260critical9CVSS 3.1
AVNACLPRLUIRSCCHIHAH
EXPLOIT
EPSS
8.26%
94.2th percentile
Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to scripts are not properly sanitized before being returned to the user, which may allow an attacker to execute arbitrary code in a user’s browser session in context of an affected site.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| primasystems | flexair | <= 2.3.38 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor POST requests to /bin/sysfcgi.fx containing unsanitized script injection payloads in the HwName parameter, indicative of stored XSS exploitation. ↗
- →Inspect the Session-ID and Session-Pc custom headers in HTTP requests to /bin/sysfcgi.fx; their presence alongside XSS payloads indicates authenticated exploitation of CVE-2019-7671. ↗
- ·Exploitation requires prior authentication to the Prima Access Control web interface; unauthenticated access alone is insufficient to trigger the stored XSS. ↗
- ·The vulnerability affects Prima Systems FlexAir versions 2.3.38 and prior; detections should be scoped to this version range. ↗
CVSS provenance
nvdv3.19.0CRITICALCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6857-8pq4-3jcg: Prima Systems FlexAir devices allow Authenticated Stored XSS
ghsa_unreviewed·2022-05-24
CVE-2019-7671 [MEDIUM] CWE-79 GHSA-6857-8pq4-3jcg: Prima Systems FlexAir devices allow Authenticated Stored XSS
Prima Systems FlexAir devices allow Authenticated Stored XSS.
CISA ICS
Prima Systems FlexAir
cisa_ics·2019-07-30·CVSS 7.2
[HIGH] Prima Systems FlexAir
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Prima Systems FlexAir
Last RevisedJuly 30, 2019
Alert CodeICSA-19-211-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Prima Systems
- Equipment: FlexAir
- Vulnerabilities: OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, Use of Hard-coded Credentials
## 2. RISK EVALUATION
Exploitation of these vulnerabilities may allow an attacke
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/155274/Prima-Access-Control-2.3.35-Cross-Site-Scripting.htmlhttps://applied-risk.com/index.php/download_file/view/199/165https://applied-risk.com/labs/advisorieshttps://applied-risk.com/resources/ar-2019-007https://www.us-cert.gov/ics/advisories/icsa-19-211-02http://packetstormsecurity.com/files/155274/Prima-Access-Control-2.3.35-Cross-Site-Scripting.htmlhttps://applied-risk.com/index.php/download_file/view/199/165https://applied-risk.com/labs/advisorieshttps://applied-risk.com/resources/ar-2019-007https://www.us-cert.gov/ics/advisories/icsa-19-211-02
2019-06-05
Published