Lucene search
+L

336 matches found

CNNVD
CNNVD
added 2023/01/03 12:0 a.m.7 views

Nortek Control Linear eMerge E3-Series 跨站脚本漏洞

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors a person can use to enter and exit a specified location at a specified time. A security vulnerability exists in several versions of the Nortek Control Linear eMerge...

5.4CVSS4.9AI score0.00554EPSS
Exploits1References2
CVE
CVE
added 2023/01/03 12:0 a.m.102 views

CVE-2022-38627

Nortek Linear eMerge E3-Series firmware versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e are affected by a SQL injection via the idt parameter. The underlying issue is an input injection flaw in the application layer, enabling unauthenticated access to extract sen...

9.8CVSS9.8AI score0.0427EPSS
In wildExploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/31 12:0 a.m.7 views

PT-2022-24490

Name of the Vulnerable Software and Affected Versions Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description The software contains a SQL injection issue via the idt parameter. This allows for potential compromise of an enterprise building. Recommendations Versions 0.32-07e...

9.8CVSS9.4AI score0.0427EPSS
Exploits2References9
Positive Technologies
Positive Technologies
added 2022/12/17 12:0 a.m.13 views

PT-2022-7149 · Linear · Linear Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to conduct a cross-site scripting XSS attack. This can be exploited ...

5.5CVSS6.2AI score0.00554EPSS
Exploits1References8
NVD
NVD
added 2022/12/13 10:15 p.m.24 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.1CVSS0.01739EPSS
Exploits1References1
OSV
OSV
added 2022/12/13 10:15 p.m.7 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.1CVSS5.8AI score0.01739EPSS
Exploits1References1
Prion
Prion
added 2022/12/13 10:15 p.m.18 views

Design/Logic Flaw

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

5.8CVSS5.9AI score0.01739EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/12/13 9:15 p.m.7 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.1CVSS5.7AI score0.00893EPSS
Exploits1References1
NVD
NVD
added 2022/12/13 9:15 p.m.33 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.1CVSS0.00893EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.7 views

PT-2022-24491 · Nortek Linear · Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Nortek Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description: The issue is related to a cross-site scripting XSS vulnerability that is chained with a local session fixation, allowing attackers to escalate privileges via...

6.1CVSS6.1AI score0.00893EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.30 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.4AI score0.00893EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.11 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.2AI score0.01739EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.34 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.2AI score0.01739EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.5 views

Nortek Control Linear eMerge E3-Series 授权问题漏洞

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors a person can use to enter and exit a specified location at a specified time. An authorization issue vulnerability exists in several versions of the Nortek Control Linear...

6.1CVSS5.4AI score0.00893EPSS
Exploits1References2
CVE
CVE
added 2022/12/13 12:0 a.m.71 views

CVE-2022-38628

CVE-2022-38628 affects Nortek Linear eMerge E3-Series, versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. The vulnerability is a cross-site scripting (XSS) flaw chained with a local session fixation that enables privilege escalation via unspecified vectors. Public ...

6.1CVSS6.2AI score0.00893EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.6 views

Nortek Control Linear eMerge E3-Series 跨站脚本漏洞

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors a person can use to enter and exit a specified location at a specified time. A security vulnerability exists in the Nortek Control Linear eMerge E3-Series that stems from...

6.1CVSS6.2AI score0.01739EPSS
Exploits1References2
CVE
CVE
added 2022/12/13 12:0 a.m.80 views

CVE-2022-46381

Linear eMerge E3-Series devices are affected by a Cross-Site Scripting (XSS) vulnerability via the type parameter (examples: badging/badge_template_v0.php). Affected firmware/versions include 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. The cross-site scripting could ...

6.1CVSS6AI score0.01739EPSS
In wildExploits1References1Affected Software1
GithubExploit
GithubExploit
added 2022/12/12 4:36 p.m.7 views

Exploit for SQL Injection in Niceforyou Linear_Emerge_E3_Access_Control_Firmware

Research: https://omar0x01.medium.com/cve-2022-38627-a-journ...

9.8CVSS7AI score0.0427EPSS
Exploits2
OSV
OSV
added 2022/08/25 11:15 p.m.5 views

CVE-2022-31499

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256...

9.8CVSS7.3AI score0.64589EPSS
Exploits3References3
OSV
OSV
added 2022/08/25 11:15 p.m.5 views

CVE-2022-31798

Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /cardscan.php?CardFormatNo= XSS with session fixation via PHPSESSID when they are chained together. This would allow an attacker to take over an admin account or a user account...

6.1CVSS5.8AI score0.06652EPSS
Exploits2References3
Rows per page
Query Builder