Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nortekcontrol vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31798
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an malicious user to take over an admin account or a user account.
Nortekcontrol Emerge E3 Firmware
1 Github repository
NA
CVE-2022-31499
Nortek Linear eMerge E3-Series devices prior to 0.32-08f allow an unauthenticated malicious user to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
Nortekcontrol Emerge E3 Firmware
1 Github repository
NA
CVE-2022-31269
Nortek Linear eMerge E3-Series devices up to and including 0.32-09c place admin credentials in /test.txt that allow an malicious user to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)
Nortekcontrol Emerge E3 Firmware
2 Github repositories
435
VMScore
CVE-2019-7255
Linear eMerge E3-Series devices allow XSS.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 EDB exploit
755
VMScore
CVE-2019-7257
Linear eMerge E3-Series devices allow Unrestricted File Upload.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 EDB exploit
445
VMScore
CVE-2019-7254
Linear eMerge E3-Series devices allow File Inclusion.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
578
VMScore
CVE-2019-7258
Linear eMerge E3-Series devices allow Privilege Escalation.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
445
VMScore
CVE-2019-7252
Linear eMerge E3-Series devices have Default Credentials.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
668
VMScore
CVE-2019-7253
Linear eMerge E3-Series devices allow Directory Traversal.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1000
VMScore
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 Metasploit module
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »