Vulnerabilities > Nortekcontrol > Emerge E3 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-31499 | OS Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. | 9.8 |
| 2022-08-25 | CVE-2022-31798 | Session Fixation vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. | 6.1 |
| 2022-08-25 | CVE-2022-31269 | Use of Hard-coded Credentials vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. | 8.2 |
| 2018-02-19 | CVE-2018-5439 | Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. | 9.8 |