Vulnerabilities > Nortekcontrol

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2022-31499 OS Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2022-08-25 CVE-2022-31798 Session Fixation vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together.
network
low complexity
nortekcontrol CWE-384
6.1
6.1
2022-08-25 CVE-2022-31269 Use of Hard-coded Credentials vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors.
network
low complexity
nortekcontrol CWE-798
8.2
8.2
2019-07-02 CVE-2019-7258 Incorrect Authorization vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Privilege Escalation.
network
low complexity
nortekcontrol CWE-863
8.8
8.8
2019-07-02 CVE-2019-7257 Unrestricted Upload of File with Dangerous Type vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Unrestricted File Upload.
network
low complexity
nortekcontrol CWE-434
critical
 10.0
10
2019-07-02 CVE-2019-7256 OS Command Injection vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Command Injections.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-7255 Cross-site Scripting vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow XSS.
network
low complexity
nortekcontrol CWE-79
6.1
6.1
2019-07-02 CVE-2019-7254 Path Traversal vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow File Inclusion.
network
low complexity
nortekcontrol CWE-22
7.5
7.5
2019-07-02 CVE-2019-7253 Path Traversal vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Directory Traversal.
network
low complexity
nortekcontrol CWE-22
critical
 9.8
9.8
2019-07-02 CVE-2019-7252 Insecure Default Initialization of Resource vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices have Default Credentials.
network
low complexity
nortekcontrol CWE-1188
critical
 9.8
9.8