Lucene search
K

224 matches found

Vulnrichment
Vulnrichment
added 2023/01/03 12:0 a.m.16 views

CVE-2022-38627

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter...

8.3AI score0.0427EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/01/03 12:0 a.m.24 views

CVE-2022-42710

Nice formerly Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting XSS...

5.6AI score0.00554EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/12/17 12:0 a.m.7 views

PT-2022-7149 · Linear · Linear Emerge E3-Series

Name of the Vulnerable Software and Affected Versions: Linear eMerge E3-Series versions 0.32-07e through 0.32-09c Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to conduct a cross-site scripting XSS attack. This can be exploited ...

5.5CVSS6.2AI score0.00554EPSS
Exploits1References8
NVD
NVD
added 2022/12/13 10:15 p.m.24 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.1CVSS0.01739EPSS
Exploits1References1
OSV
OSV
added 2022/12/13 10:15 p.m.7 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.1CVSS5.8AI score0.01739EPSS
Exploits1References1
NVD
NVD
added 2022/12/13 9:15 p.m.31 views

CVE-2022-38628

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting XSS vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...

6.1CVSS0.00893EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.4 views

Nortek Control Linear eMerge E3-Series 授权问题漏洞

The Nortek Control Linear eMerge E3-Series is an access control from Nortek Control USA. It allows you to specify which doors a person can use to enter and exit a specified location at a specified time. An authorization issue vulnerability exists in several versions of the Nortek Control Linear...

6.1CVSS5.4AI score0.00893EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.11 views

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

6.2AI score0.01739EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2022/12/12 4:36 p.m.7 views

Exploit for SQL Injection in Niceforyou Linear_Emerge_E3_Access_Control_Firmware

Research: https://omar0x01.medium.com/cve-2022-38627-a-journ...

9.8CVSS7AI score0.0427EPSS
Exploits2
NVD
NVD
added 2022/08/25 11:15 p.m.43 views

CVE-2022-31499

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256...

9.8CVSS0.64589EPSS
Exploits3References3
NVD
NVD
added 2022/08/25 11:15 p.m.43 views

CVE-2022-31798

Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /cardscan.php?CardFormatNo= XSS with session fixation via PHPSESSID when they are chained together. This would allow an attacker to take over an admin account or a user account...

6.1CVSS0.06652EPSS
Exploits2References3
Prion
Prion
added 2022/08/25 11:15 p.m.37 views

Design/Logic Flaw

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256...

7.5CVSS9.6AI score0.97136EPSS
Exploits19References3Affected Software1
NVD
NVD
added 2022/08/25 10:15 p.m.33 views

CVE-2022-31269

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

8.2CVSS0.05055EPSS
Exploits3References4
Prion
Prion
added 2022/08/25 10:15 p.m.22 views

Default credentials

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

6.4CVSS8.1AI score0.05055EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2022/08/25 10:9 p.m.39 views

CVE-2022-31499

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256...

9.9AI score0.64589EPSS
Exploits3References3
CVE
CVE
added 2022/08/25 10:9 p.m.104 views

CVE-2022-31499

CVE-2022-31499 affects Nortek Linear eMerge E3-Series devices prior to version 0.32-08f, where an unauthenticated attacker can inject OS commands via ReaderNo. This extends an earlier issue from CVE-2019-7256 (incomplete fix leading to OS command injection). Public materials from Exploit-DB and C...

9.8CVSS9.6AI score0.64589EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2022/08/25 9:59 p.m.50 views

CVE-2022-31269

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. This occurs in situations where the CVE-2019-7271 default credentials have been changed...

8.5AI score0.05055EPSS
Exploits3References4
Packet Storm
Packet Storm
added 2022/08/08 12:0 a.m.289 views

Nortek Linear eMerge E3-Series Account Takeover

Exploit Title: Nortek Linear eMerge E3-Series - Account Take Over Exploit Author: Omar Hashim Version: 0.32-07p Vendor home page: https://www.nortekcontrol.com/access-control/ Vendor home page: https://linear-solutions.com/ Authentication Required: No CVE: CVE-2022-31798 Description...

0.1AI score0.06652EPSS
Exploits2
0day.today
0day.today
added 2022/08/08 12:0 a.m.387 views

Nortek Linear eMerge E3-Series Command Injection Vulnerability

Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection Exploit Author: Omar Hashim Version: 0.32-09c Vendor home page: https://www.nortekcontrol.com/access-control/ Vendor home page: https://linear-solutions.com/ Authentication Required: No CVE: CVE-2022-31499 POC:...

9.8CVSS0.4AI score0.64589EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/08/08 12:0 a.m.417 views

Nortek Linear eMerge E3-Series Command Injection

Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection Exploit Author: Omar Hashim Version: 0.32-09c Vendor home page: https://www.nortekcontrol.com/access-control/ Vendor home page: https://linear-solutions.com/ Authentication Required: No CVE: CVE-2022-31499 POC:...

0.4AI score0.64589EPSS
Exploits3
Rows per page
Query Builder