Filtered by vendor Nortekcontrol
Subscribe
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31798 | 1 Nortekcontrol | 2 Emerge E3, Emerge E3 Firmware | 2024-11-21 | N/A | 6.1 MEDIUM |
| Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account. | |||||
| CVE-2022-31499 | 1 Nortekcontrol | 2 Emerge E3, Emerge E3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256. | |||||
| CVE-2022-31269 | 1 Nortekcontrol | 2 Emerge E3, Emerge E3 Firmware | 2024-11-21 | N/A | 8.2 HIGH |
| Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) | |||||
| CVE-2019-7271 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Nortek Linear eMerge 50P/5000P devices have Default Credentials. | |||||
| CVE-2019-7270 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF). | |||||
| CVE-2019-7269 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution. | |||||
| CVE-2019-7268 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
| Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. | |||||
| CVE-2019-7267 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Linear eMerge 50P/5000P devices allow Cookie Path Traversal. | |||||
| CVE-2019-7266 | 1 Nortekcontrol | 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Linear eMerge 50P/5000P devices allow Authentication Bypass. | |||||
| CVE-2019-7265 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH). | |||||
| CVE-2019-7264 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform. | |||||
| CVE-2019-7263 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge E3-Series devices have a Version Control Failure. | |||||
| CVE-2019-7262 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF). | |||||
| CVE-2019-7261 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge E3-Series devices have Hard-coded Credentials. | |||||
| CVE-2019-7260 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Linear eMerge E3-Series devices have Cleartext Credentials in a Database. | |||||
| CVE-2019-7259 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure. | |||||
| CVE-2019-7258 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Linear eMerge E3-Series devices allow Privilege Escalation. | |||||
| CVE-2019-7257 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Linear eMerge E3-Series devices allow Unrestricted File Upload. | |||||
| CVE-2019-7256 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linear eMerge E3-Series devices allow Command Injections. | |||||
| CVE-2019-7255 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Linear eMerge E3-Series devices allow XSS. | |||||