PT-2022-24490

Name of the Vulnerable Software and Affected Versions Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description The software contains a SQL injection issue via the idt parameter. This allows for potential compromise of an enterprise building. Recommendations Versions 0.32-07e...

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

PT-2022-24491 · Nortek Linear · Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description: The issue is related to a cross-site scripting XSS vulnerability that is chained with a local session fixation, allowing attackers to escalate privileges via...

CVE-2022-31269

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

Nortek Control Linear eMerge E3-Series 操作系统命令注入漏洞

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors can be used by people to enter and exit a specified location at a specified time. A security vulnerability exists in Nortek Control Linear eMerge E3-Series version 0.32-09...