Published: 25/08/2022 Updated: 02/09/2022

CVSS v3 Base Score: 8.2 | Impact Score: 4.2 | Exploitability Score: 3.9

VMScore: 0

Nortek Linear eMerge E3-Series devices up to and including 0.32-09c place admin credentials in /test.txt that allow an malicious user to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)

Vulnerable Product	Search on Vulmon	Subscribe to Product
nortekcontrol emerge_e3_firmware

Nortek Linear eMerge E3-Series versions 032-07p, 032-07e, 032-07p, 032-08f, and 032-09c suffer from an administrative credential disclosure vulnerability ...

Nortek Control Linear eMerge E3-Series 信息泄露

CVE-2022-31269 Nortek Control Linear eMerge E3-Series 信息泄露 Optional Arguments: -h, --help show this help message and exit -u url, --url url Target url eg:"127001" -f file, --file file Targets in file eg:"iptxt" Use python3 CVE-2022-31269py -u 127001 python3 CVE-2022-31269py -f iptxt Link henry4e36top/

CVE-2022-31269 Proof of Concept

CVE : CVE-2022-31269 Exploit Title: Nortek Linear eMerge E3-Series - Information Disclosure leads to access admin dashboard

CWE-798 https://eg.linkedin.com/in/omar-1-hashem https://www.nortekcontrol.com/access-control/https://gist.github.com/omarhashem123/71ec9223e90ea76a76096d777d9b945c http://packetstormsecurity.com/files/167990/Nortek-Linear-eMerge-E3-Series-Credential-Disclosure.html https://nvd.nist.gov https://github.com/Henry4E36/CVE-2022-31269 https://packetstormsecurity.com/files/167990/Nortek-Linear-eMerge-E3-Series-Credential-Disclosure.html

CVE-2022-31269

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect