14 matches found
CVE-2019-7256
CVE-2019-7256 concerns a remote OS command injection in Linear eMerge E3-Series devices. Multiple connected sources (ExploitDB entries for 1.00-06 and earlier 2.x/4.x sketches, a Metasploit/MISP-linked exploit pack, and CISA KEV listings) confirm unauthenticated remote code execution via the E3 a...
CVE-2019-7252
CVE-2019-7252 affects Nortek/Nortek Security & Control Linear eMerge E3-Series devices. The connected sources confirm a trust-management issue enabling default credentials to be used by an attacker, potentially leading to privilege escalation and root access. Public records reference default-pass...
CVE-2019-7254
CVE-2019-7254 affects Linear eMerge E3-Series firmware versions 1.00-06 and earlier. The connected sources explicitly describe a Local File Inclusion via directory traversal in the web interface, enabling an unauthenticated or low-privilege attacker to access restricted files (e.g., via a crafted...
CVE-2019-7255
CVE-2019-7255 affects Linear eMerge E3-Series devices. The Nuclei template documents a Cross-Site Scripting (XSS) vulnerability exploitable via the layout parameter in the web interface (e.g., badge_template_v0.php?layout=...). Impact: attacker can execute arbitrary script in a user’s browser, wi...
CVE-2019-7265
CVE-2019-7265 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The root cause is SSH access with hardcoded credentials, enabling remote code execution with root privileges. Public exploit code exists (Metasploit/Exploit-DB entries) demonstrating remote access. Impact i...
CVE-2019-7257
The connected ICS advisory confirms CVE-2019-7257 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The vulnerability is Unrestricted Upload of a File with Dangerous Type, enabling remote code execution by uploading a malicious file to the device’s web root. MITRE CVSS ...
CVE-2019-7262
CVE-2019-7262 affects Nice Linear eMerge E3-Series devices (firmware 1.00-06 and prior). The vulnerability is Cross-Site Request Forgery (CSRF) in the device’s web interface, caused by insufficient validation of requests from trusted users, enabling an attacker to perform actions with administrat...
CVE-2019-7258
CVE-2019-7258 affects Nice Linear eMerge E3-Series firmware 1.00-06 and earlier. Root cause: incorrect authorization (CWE-863) allowing privilege escalation. Impact: attacker could escalate to higher privileges and gain full control of the device; exposure is local to the device’s control interfa...
CVE-2019-7259
CVE-2019-7259 affects Nice Linear eMerge E3-Series (firmware 1.00-06 and prior). The vulnerability allows an authorization bypass via a specific GET request, causing disclosure of administrative credentials and full control of the control interface. The issue is part of a broader set of flaws in ...
CVE-2019-7253
CVE-2019-7253 affects Nice Linear eMerge E3-Series firmware 1.00-06 and prior, where improper limitation of a pathname to a restricted directory (path traversal) can enable a remote attacker to access restricted files and user data. The Red Hat advisory and CISA/ICS sources confirm a high-severit...
CVE-2019-7261
The CVE-2019-7261 entry affects Nice/Nortek Linear eMerge E3-Series devices (firmware 1.00-06 and earlier). The root cause is hard-coded credentials, including SSH access to root with embedded credentials, enabling full system compromise. Impact described across sources: remote access with high c...
CVE-2019-7263
CVE-2019-7263 affects Linear eMerge E3-Series devices and is described as a Version Control Failure. Connected sources corroborate the affected product and nature of the issue. The NVD entry assigns a high/critical impact profile (CVSSv3: 9.8) with network attack vector, no authentication/privile...
CVE-2019-7260
CVE-2019-7260 affects Nice Linear eMerge E3-Series firmware 1.00-06 and prior. The vulnerability is insufficiently protected credentials: passwords stored in plaintext in the device’s database, enabling an attacker to obtain admin credentials and compromise the control interface. Reported CVSS v3...
CVE-2019-7264
CVE-2019-7264 affects Nice Linear eMerge E3-Series devices. The vulnerability is a stack-based buffer overflow in multiple CGI binaries on firmware versions 1.00-06 and prior, caused by a boundary error in processing user input. Impacted devices could allow an attacker to execute arbitrary code o...