CVE-2019-7666
28Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 15%
from disclosure to weapon134 days
Published on NVDJul 1
1st PoC+134d
exploitation probability
15%top 4% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Prima Systems FlexAir, Versions 2.3.38 and prior. The application allows improper authentication using the MD5 hash value of the password, which may allow an attacker with access to the database to login as admin without decrypting the password.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/155262/Prima-FlexAir-Access-Control-2.3.35-Database-Backup-Predictable-Name.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47644unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.