Lucene search
Omar HashimPACKETSTORM:167990HistoryAug 08, 2022 - 12:00 a.m.
Nortek Linear eMerge E3-Series Credential Disclosure
2022-08-0800:00:00
Omar Hashim
packetstormsecurity.com
289
0.003 Low
EPSS
Percentile
68.8%
`# Exploit Title: Nortek Linear eMerge E3-Series - Information
Disclosure lead to access admin dashboard
# Exploit Author: Omar Hashim
# Version: 0.32-07p,0.32-07e,0.32-07p,0.32-08f,0.32-09c
# Vendor home page : https://www.nortekcontrol.com/access-control/
# Vendor home page : https://linear-solutions.com/
# Authentication Required: No
# CVE : CVE-2022-31269
# Description
====================
Admin credentials are stored in clear text at the endpoint /test.txt
(This occurs in situations where the default credentials admin:admin have been
changed.) Allows an unauthenticated attacker to obtain admini
credentials, access
the admin dashboard of Linear eMerge E3-Series devices, control entire building
doors, cameras, elevator, etc... and access information about employees who can
access the building and take control of the entire building
#Proof Of Concept:
====================
http://<HOST:PORT>/test.txt
`
Related
nuclei
nuclei
Linear eMerge E3-Series - Information Disclosure
2022-08-11 05:26:52
githubexploit
githubexploit
zdt
zdt
Nortek Linear eMerge E3-Series Credential Disclosure Vulnerability
2022-08-08 00:00:00
cve
cve
CVE-2022-31269
2022-08-25 22:15:08
cvelist
cvelist
CVE-2022-31269
2022-08-25 21:59:52
nvd
nvd
CVE-2022-31269
2022-08-25 22:15:08
prion
prion
Default credentials
2022-08-25 22:15:00