Approved changes feed: RSS · Atom

cpe:2.3:h:nortekcontrol:emerge_e3:-:*:*:*:*:*:*:*

part: h version: - update: *

VendorNortekcontrol (492280f9-cfba-5476-b39d-54205118b0c5)
ProductEmerge E3 (e171770f-c057-55f2-90eb-b11c318c98d3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-31798 not_vulnerable 2026-06-08 05:44:42.279231 Details available
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account.
Published: 2022-08-25T22:15:45.000Z
Updated: 2024-08-03T07:26:01.358Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-31499 not_vulnerable 2026-06-08 05:43:40.975553 Details available
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
Published: 2022-08-25T22:09:38.000Z
Updated: 2024-08-03T07:19:06.090Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-31269 not_vulnerable 2026-06-08 05:43:40.685570 Details available
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)
Published: 2022-08-25T21:59:52.000Z
Updated: 2024-08-03T07:11:39.944Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-5439 not_vulnerable 2026-06-08 05:11:51.001627 Details available
A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges.
Published: 2018-02-19T18:00:00.000Z
Updated: 2024-08-05T05:33:44.375Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.