Vulnerabilities > Nortekcontrol > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-08-25 CVE-2022-31499 OS Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P/0.3209C
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-7257 Unrestricted Upload of File with Dangerous Type vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Unrestricted File Upload.
network
low complexity
nortekcontrol CWE-434
critical
 10.0
10
2019-07-02 CVE-2019-7256 OS Command Injection vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Command Injections.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-7253 Path Traversal vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices allow Directory Traversal.
network
low complexity
nortekcontrol CWE-22
critical
 9.8
9.8
2019-07-02 CVE-2019-7252 Insecure Default Initialization of Resource vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices have Default Credentials.
network
low complexity
nortekcontrol CWE-1188
critical
 9.8
9.8
2019-07-02 CVE-2019-7261 Use of Hard-coded Credentials vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices have Hard-coded Credentials.
network
low complexity
nortekcontrol CWE-798
critical
 9.8
9.8
2019-07-02 CVE-2019-7260 Insufficiently Protected Credentials vulnerability in Nortekcontrol products
Linear eMerge E3-Series devices have Cleartext Credentials in a Database.
network
low complexity
nortekcontrol CWE-522
critical
 9.8
9.8
2019-07-02 CVE-2019-7269 OS Command Injection vulnerability in Nortekcontrol products
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
network
low complexity
nortekcontrol CWE-78
critical
 9.8
9.8
2019-07-02 CVE-2019-7268 Unrestricted Upload of File with Dangerous Type vulnerability in Nortekcontrol products
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.
network
low complexity
nortekcontrol CWE-434
critical
 10.0
10
2019-07-02 CVE-2019-7267 Path Traversal vulnerability in Nortekcontrol products
Linear eMerge 50P/5000P devices allow Cookie Path Traversal.
network
low complexity
nortekcontrol CWE-22
critical
 9.8
9.8