EDB-47619
webappshardware
eMerge E3 1.00-06 - Remote Code Execution
CVE-2019-7256
LiquidWorm11/12/2019
CISA既知の悪用された脆弱性
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.
必要な対応:
Contact the vendor for guidance on remediating firmware, per their advisory.
期限:
2024-04-15
説明
Linear eMerge E3-Series devices allow Command Injections.
AI分析AIによる分析
影響を受ける製品
nortekcontrollinear_emerge_essential_firmware
nortekcontrollinear_emerge_essential
-
nortekcontrollinear_emerge_elite_firmware
nortekcontrollinear_emerge_elite
-
利用可能なエクスプロイト (1)
参照
- http://packetstormsecurity.com/files/155255/Linear-eMerge-E3-1.00-06-card_scan.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155256/Linear-eMerge-E3-1.00-06-card_scan_decoder.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155272/Linear-eMerge-E3-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/170372/Linear-eMerge-E3-Series-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- https://applied-risk.com/labs/advisoriesNot Applicable
- https://www.applied-risk.com/resources/ar-2019-005Third Party Advisory
- http://packetstormsecurity.com/files/155255/Linear-eMerge-E3-1.00-06-card_scan.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155256/Linear-eMerge-E3-1.00-06-card_scan_decoder.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155272/Linear-eMerge-E3-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/170372/Linear-eMerge-E3-Series-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- https://applied-risk.com/labs/advisoriesNot Applicable
- https://www.applied-risk.com/resources/ar-2019-005Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7256US Government Resource