Emerge E3 Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:*
part: o version: * update: *
| Vendor | Nortekcontrol (492280f9-cfba-5476-b39d-54205118b0c5) |
|---|---|
| Product | Emerge E3 Firmware (766b96c6-8ff4-5aa7-9ae8-743707138879) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-9441 |
vulnerable | 2026-06-08 07:00:27.534646 |
Linear eMerge e3-Series Forgot Password Command Injection
CRITICAL (9.8)
The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP.
Published: 2024-10-02T18:50:10.938Z
Updated: 2024-10-02T19:08:03.687Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-31798 |
vulnerable | 2026-06-08 05:44:42.278561 |
Details available
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account.
Published: 2022-08-25T22:15:45.000Z
Updated: 2024-08-03T07:26:01.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-31499 |
vulnerable | 2026-06-08 05:43:40.975445 |
Details available
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
Published: 2022-08-25T22:09:38.000Z
Updated: 2024-08-03T07:19:06.090Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-31269 |
vulnerable | 2026-06-08 05:43:40.684402 |
Details available
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)
Published: 2022-08-25T21:59:52.000Z
Updated: 2024-08-03T07:11:39.944Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-5439 |
vulnerable | 2026-06-08 05:11:51.000887 |
Details available
A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges.
Published: 2018-02-19T18:00:00.000Z
Updated: 2024-08-05T05:33:44.375Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.