PT-2022-24490

Name of the Vulnerable Software and Affected Versions Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description The software contains a SQL injection issue via the idt parameter. This allows for potential compromise of an enterprise building. Recommendations Versions 0.32-07e...

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

PT-2022-24491 · Nortek Linear · Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description: The issue is related to a cross-site scripting XSS vulnerability that is chained with a local session fixation, allowing attackers to escalate privileges via...

Nortek Linear eMerge E3 Series Command Injection Vulnerability

Nortek Security & Control is a company that provides wireless security, home automation and personal security systems and devices. A command injection vulnerability exists in Nortek Linear eMerge E3 Series V0.32-07e and prior versions, which can be exploited by a remote attacker to execute...