895 matches found
CVE-2019-7265
CVE-2019-7265 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The root cause is SSH access with hardcoded credentials, enabling remote code execution with root privileges. Public exploit code exists (Metasploit/Exploit-DB entries) demonstrating remote access. Impact i...
CVE-2019-7266
Summary (CVE-2019-7266) : The Linear eMerge 50P/5000P access-control system contains an authentication bypass vulnerability (Improper Authentication, CWE-287) affecting versions up to 4.6.07 (revision 79330) and earlier. Exploitation could allow a remote attacker to bypass login checks and gain u...
CVE-2019-7266
Linear eMerge 50P/5000P devices allow Authentication Bypass...
CVE-2019-7267
Linear eMerge 50P/5000P devices allow Cookie Path Traversal...
CVE-2019-7267
Linear eMerge 50P/5000P devices are affected by CVE-2019-7267 (Cookie Path Traversal). Public documents confirm the vulnerability exists in Linear eMerge 50P/5000P, with affected versions up to 4.6.07 (and prior). CVSS details indicate network-exposed, low complexity, no authentication, with high...
CVE-2019-7268
Product affected: Linear eMerge 50P/5000P devices. Vulnerable component: unrestricted/unauthenticated file upload during firmware upgrade. Root cause: lack of validation in the upload mechanism allows arbitrary file uploads to web root, enabling remote code execution with web server privileges. V...
CVE-2019-7268
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload...
CVE-2019-7269
The authenticated command-injection vulnerability CVE-2019-7269 affects Linear eMerge 50P/5000P devices (versions 4.6.07 and earlier). Root cause: the application constructs OS commands from externally influenced input without proper neutralization, enabling remote command execution with web serv...
CVE-2019-7269
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution...
CVE-2019-7270
Linear eMerge 50P/5000P devices are affected by a CSRF vulnerability (CVE-2019-7270) in the web application. The issue arises from insufficient validation of requests from trusted users, enabling an attacker to induce unwanted actions if a user is authenticated. ICSA notes remote exploitation pot...
CVE-2019-7270
Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery CSRF...
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections...
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections...
PT-2019-18497 · Linear · Linear Emerge 50P/5000P
Name of the Vulnerable Software and Affected Versions: Linear eMerge 50P/5000P devices affected versions not specified Description: The issue allows Cookie Path Traversal, which may lead to unauthorized access or data manipulation. No information is provided about the estimated number of...
CVE-2019-7256
CVE-2019-7256 concerns a remote OS command injection in Linear eMerge E3-Series devices. Multiple connected sources (ExploitDB entries for 1.00-06 and earlier 2.x/4.x sketches, a Metasploit/MISP-linked exploit pack, and CISA KEV listings) confirm unauthenticated remote code execution via the E3 a...
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections. Recent assessments: h00die-gr3y at December 03, 2022 12:46pm UTC reported: Building Automation and Access Control systems are at the heart of many critical infrastructures, and their security is vital. Executing attacks on these systems ma...
Nortek Security & Control Linear eMerge 50P/5000P Trust Management Issue Vulnerability
Nortek Security & Control Linear eMerge 50P/5000P is a browser-based access control system from Nortek Security & Control, USA. A vulnerability in Nortek Security & Control Linear eMerge 50P/5000P exists due to a trust management issue. The vulnerability stems from the lack of an effective trust...
PT-2019-18486 · Linear · Linear Emerge E3-Series
Name of the Vulnerable Software and Affected Versions: Linear eMerge E3-Series versions le1.00-06 Description: The issue allows Command Injections. Linear eMerge E3-Series devices are affected. The vulnerability was exploited in the wild, posing significant security risks. Recommendations: For...
PT-2019-18489 · Linear · Linear Emerge E3-Series
Name of the Vulnerable Software and Affected Versions: Linear eMerge E3-Series devices affected versions not specified Description: The issue allows for Authorization Bypass with Information Disclosure. Recommendations: At the moment, there is no information about a newer version that contains a...
PT-2019-18487 · Linear · Linear Emerge E3-Series
Name of the Vulnerable Software and Affected Versions: Linear eMerge E3-Series devices affected versions not specified Description: The issue allows for Unrestricted File Upload. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...