Vulnerabilities > Nortekcontrol > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-31798 | Session Fixation vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E/0.3207P Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. | 6.1 |
| 2019-07-02 | CVE-2019-7255 | Cross-site Scripting vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow XSS. | 6.1 |
| 2019-07-02 | CVE-2019-7254 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow File Inclusion. | 5.0 |
| 2019-07-02 | CVE-2019-7252 | Insecure Default Initialization of Resource vulnerability in Nortekcontrol products Linear eMerge E3-Series devices have Default Credentials. | 5.0 |
| 2019-07-02 | CVE-2019-7260 | Insufficiently Protected Credentials vulnerability in Nortekcontrol products Linear eMerge E3-Series devices have Cleartext Credentials in a Database. | 5.0 |
| 2019-07-01 | CVE-2019-7271 | Insufficiently Protected Credentials vulnerability in Nortekcontrol products Nortek Linear eMerge 50P/5000P devices have Default Credentials. | 5.0 |