Lucene search
K
NortekcontrolLinear Emerge Essential Firmware

14 matches found

CVE
CVE
added 2019/07/02 12:0 a.m.416 views

CVE-2019-7256

CVE-2019-7256 concerns a remote OS command injection in Linear eMerge E3-Series devices. Multiple connected sources (ExploitDB entries for 1.00-06 and earlier 2.x/4.x sketches, a Metasploit/MISP-linked exploit pack, and CISA KEV listings) confirm unauthenticated remote code execution via the E3 a...

10CVSS9.4AI score0.97136EPSS
In wildWeb
CVE
CVE
added 2019/07/02 6:54 p.m.244 views

CVE-2019-7252

CVE-2019-7252 affects Nortek/Nortek Security & Control Linear eMerge E3-Series devices. The connected sources confirm a trust-management issue enabling default credentials to be used by an attacker, potentially leading to privilege escalation and root access. Public records reference default-pass...

9.8CVSS9.5AI score0.04854EPSS
In wild
CVE
CVE
added 2019/07/02 6:51 p.m.237 views

CVE-2019-7254

CVE-2019-7254 affects Linear eMerge E3-Series firmware versions 1.00-06 and earlier. The connected sources explicitly describe a Local File Inclusion via directory traversal in the web interface, enabling an unauthenticated or low-privilege attacker to access restricted files (e.g., via a crafted...

7.5CVSS7.5AI score0.82036EPSS
In wildWeb
CVE
CVE
added 2019/07/02 6:44 p.m.200 views

CVE-2019-7255

CVE-2019-7255 affects Linear eMerge E3-Series devices. The Nuclei template documents a Cross-Site Scripting (XSS) vulnerability exploitable via the layout parameter in the web interface (e.g., badge_template_v0.php?layout=...). Impact: attacker can execute arbitrary script in a user’s browser, wi...

6.1CVSS6.2AI score0.55807EPSS
Web
CVE
CVE
added 2019/07/02 4:49 p.m.176 views

CVE-2019-7265

CVE-2019-7265 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The root cause is SSH access with hardcoded credentials, enabling remote code execution with root privileges. Public exploit code exists (Metasploit/Exploit-DB entries) demonstrating remote access. Impact i...

10CVSS9.6AI score0.23123EPSS
Web
CVE
CVE
added 2019/07/02 6:16 p.m.146 views

CVE-2019-7257

The connected ICS advisory confirms CVE-2019-7257 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The vulnerability is Unrestricted Upload of a File with Dangerous Type, enabling remote code execution by uploading a malicious file to the device’s web root. MITRE CVSS ...

10CVSS9.4AI score0.69992EPSS
Web
CVE
CVE
added 2019/07/02 5:1 p.m.144 views

CVE-2019-7262

CVE-2019-7262 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) in the device’s web interface, caused by insufficient validation of requests from trusted users, enabling an attacker to perform actions with administrat...

8.8CVSS8.7AI score0.16278EPSS
Web
CVE
CVE
added 2019/07/02 6:3 p.m.136 views

CVE-2019-7258

CVE-2019-7258 affects Nice Linear eMerge E3-Series firmware 1.00-06 and earlier. Root cause: incorrect authorization (CWE-863) allowing privilege escalation. Impact: attacker could escalate to higher privileges and gain full control of the device; exposure is local to the device’s control interfa...

8.8CVSS8.7AI score0.19615EPSS
CVE
CVE
added 2019/07/02 5:9 p.m.129 views

CVE-2019-7259

CVE-2019-7259 affects Nice Linear eMerge E3-Series (firmware 1.00-06 and prior). The vulnerability allows an authorization bypass via a specific GET request, causing disclosure of administrative credentials and full control of the control interface. The issue is part of a broader set of flaws in ...

8.8CVSS8.7AI score0.13178EPSS
Web
CVE
CVE
added 2019/07/02 6:53 p.m.124 views

CVE-2019-7253

CVE-2019-7253 affects Nice Linear eMerge E3-Series firmware 1.00-06 and prior, where improper limitation of a pathname to a restricted directory (path traversal) can enable a remote attacker to access restricted files and user data. The Red Hat advisory and CISA/ICS sources confirm a high-severit...

9.8CVSS9.4AI score0.0301EPSS
CVE
CVE
added 2019/07/02 5:3 p.m.116 views

CVE-2019-7261

The CVE-2019-7261 entry affects Nice/Nortek Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The root cause is hard-coded credentials, including SSH access to root with embedded credentials, enabling full system compromise. Impact described across sources: remote access with high c...

10CVSS9.4AI score0.05467EPSS
CVE
CVE
added 2019/07/02 5:0 p.m.108 views

CVE-2019-7263

CVE-2019-7263 affects Linear eMerge E3-Series devices and is described as a Version Control Failure. Connected sources corroborate the affected product and nature of the issue. The NVD entry assigns a high/critical impact profile (CVSSv3: 9.8) with network attack vector, no authentication/privile...

10CVSS9.4AI score0.01795EPSS
CVE
CVE
added 2019/07/02 5:6 p.m.104 views

CVE-2019-7260

CVE-2019-7260 affects Nice Linear eMerge E3-Series firmware 1.00-06 and prior. The vulnerability is insufficiently protected credentials: passwords stored in plaintext in the device’s database, enabling an attacker to obtain admin credentials and compromise the control interface. Reported CVSS v3...

9.8CVSS9.3AI score0.0663EPSS
CVE
CVE
added 2019/07/02 4:58 p.m.87 views

CVE-2019-7264

CVE-2019-7264 affects Nice Linear eMerge E3-Series devices. The vulnerability is a stack-based buffer overflow in multiple CGI binaries on firmware versions 1.00-06 and prior, caused by a boundary error in processing user input. Impacted devices could allow an attacker to execute arbitrary code o...

9.8CVSS9.4AI score0.02194EPSS