Emerge E3 Firmware

emerge_e3_firmware

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-31798 1Nortekcontrol 1Emerge E3 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin...Show more Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account.Show less
CVE-2022-31499 1Nortekcontrol 1Emerge E3 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
CVE-2022-31269 1Nortekcontrol 1Emerge E3 Firmware Nov 21, 2024 Aug 25, 2022 N/A· v4 8.2 HIGH· v3 N/A· v2 Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have...Show more Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)Show less
CVE-2018-5439 1Nortekcontrol 1Emerge E3 Firmware Nov 21, 2024 Feb 19, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges.