Filtered by vendor Nortekcontrol Subscriptions
Total 25 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-31798 1 Nortekcontrol 2 Emerge E3, Emerge E3 Firmware 2024-11-21 6.1 Medium
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account.
CVE-2022-31499 1 Nortekcontrol 2 Emerge E3, Emerge E3 Firmware 2024-11-21 9.8 Critical
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
CVE-2022-31269 1 Nortekcontrol 2 Emerge E3, Emerge E3 Firmware 2024-11-21 8.2 High
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)
CVE-2019-7271 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 N/A
Nortek Linear eMerge 50P/5000P devices have Default Credentials.
CVE-2019-7270 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 8.8 High
Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF).
CVE-2019-7269 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 9.8 Critical
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
CVE-2019-7268 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 10.0 Critical
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.
CVE-2019-7267 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 9.8 Critical
Linear eMerge 50P/5000P devices allow Cookie Path Traversal.
CVE-2019-7266 1 Nortekcontrol 4 Linear Emerge 5000p, Linear Emerge 5000p Firmware, Linear Emerge 50p and 1 more 2024-11-21 9.8 Critical
Linear eMerge 50P/5000P devices allow Authentication Bypass.
CVE-2019-7265 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 9.8 Critical
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
CVE-2019-7264 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 N/A
Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform.
CVE-2019-7263 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 N/A
Linear eMerge E3-Series devices have a Version Control Failure.
CVE-2019-7262 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 8.8 High
Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF).
CVE-2019-7261 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 9.8 Critical
Linear eMerge E3-Series devices have Hard-coded Credentials.
CVE-2019-7260 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 N/A
Linear eMerge E3-Series devices have Cleartext Credentials in a Database.
CVE-2019-7259 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 8.8 High
Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure.
CVE-2019-7258 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 8.8 High
Linear eMerge E3-Series devices allow Privilege Escalation.
CVE-2019-7257 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 10.0 Critical
Linear eMerge E3-Series devices allow Unrestricted File Upload.
CVE-2019-7256 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 9.8 Critical
Linear eMerge E3-Series devices allow Command Injections.
CVE-2019-7255 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2024-11-21 6.1 Medium
Linear eMerge E3-Series devices allow XSS.