CVE-2019-9189 (flexair)

On Prima Systems FlexAir devices through 2.4.9api3, an authenticated user can upload Python (.py) scripts and execute arbitrary code with root privileges.
Source: NIST
CVE-2019-9189 (flexair)