Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
References
Link | Resource |
---|---|
https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.txt | Exploit Third Party Advisory |
https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.yaml | Exploit Third Party Advisory |
https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.txt | Exploit Third Party Advisory |
https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.yaml | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 07:16
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.txt - Exploit, Third Party Advisory | |
References | () https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-38627/CVE-2022-38627.yaml - Exploit, Third Party Advisory |
Information
Published : 2023-01-03 21:15
Updated : 2024-11-21 07:16
NVD link : CVE-2022-38627
Mitre link : CVE-2022-38627
CVE.ORG link : CVE-2022-38627
JSON object : View
Products Affected
niceforyou
- linear_emerge_e3_access_control
- linear_emerge_e3_access_control_firmware
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')