4 matches found
CVE-2022-38627
Nortek Linear eMerge E3-Series firmware versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e are affected by a SQL injection via the idt parameter. The underlying issue is an input injection flaw in the application layer, enabling unauthenticated access to extract sen...
CVE-2022-46381
Linear eMerge E3-Series devices are affected by a Cross-Site Scripting (XSS) vulnerability via the type parameter (examples: badging/badge_template_v0.php). Affected firmware/versions include 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. The cross-site scripting could ...
CVE-2022-38628
CVE-2022-38628 affects Nortek Linear eMerge E3-Series, versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. The vulnerability is a cross-site scripting (XSS) flaw chained with a local session fixation that enables privilege escalation via unspecified vectors. Public ...
CVE-2022-42710
CVE-2022-42710 affects Nice (formerly Nortek) Linear eMerge E3-Series devices and is a Stored XSS vulnerability. Affected versions include 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e (and 0.32-07e through 0.32-09c per PT-2022-7149). Root cause: insufficient protection...