Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
applied-risk.com vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 Metasploit module
10
CVSSv2
CVE-2019-7261
Linear eMerge E3-Series devices have Hard-coded Credentials.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
10
CVSSv2
CVE-2019-7265
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 EDB exploit
10
CVSSv2
CVE-2019-7268
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.
Nortekcontrol Linear Emerge 50p Firmware
Nortekcontrol Linear Emerge 5000p Firmware
10
CVSSv2
CVE-2019-7269
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
Nortekcontrol Linear Emerge 50p Firmware
Nortekcontrol Linear Emerge 5000p Firmware
1 EDB exploit
10
CVSSv2
CVE-2019-7274
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
Optergy Proton
Optergy Enterprise
1 EDB exploit
10
CVSSv2
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
Optergy Proton
Optergy Enterprise
1 EDB exploit
1 Metasploit module
1 Github repository
9
CVSSv2
CVE-2019-7669
Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated malicious user to upload and execute malicious applications within the application’s web root with root privileges.
Primasystems Flexair
9
CVSSv2
CVE-2019-7670
Prima Systems FlexAir, Versions 2.3.38 and prior. The application incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component, which could allow malicious users to execute commands directly on the operating system.
Primasystems Flexair
9
CVSSv2
CVE-2019-9189
Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authent...
Primasystems Flexair
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »