EDB-47619
webappshardware
eMerge E3 1.00-06 - Remote Code Execution
CVE-2019-7256
LiquidWorm11/12/2019
CVE-2019-7256
9.8CRITICALLinear eMerge E3-Series devices allow Command Injections.
Publicado: 7/2/2019Atualizado: 11/6/2025
Vulnerabilidade Explorada Conhecida (CISA)
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.
Ação Necessária:
Contact the vendor for guidance on remediating firmware, per their advisory.
Prazo:
2024-04-15
Descrição
Linear eMerge E3-Series devices allow Command Injections.
Análise IADesenvolvido por IA
Produtos Afetados
nortekcontrollinear_emerge_essential_firmware
nortekcontrollinear_emerge_essential
-
nortekcontrollinear_emerge_elite_firmware
nortekcontrollinear_emerge_elite
-
Exploits Disponíveis (1)
Referências
- http://packetstormsecurity.com/files/155255/Linear-eMerge-E3-1.00-06-card_scan.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155256/Linear-eMerge-E3-1.00-06-card_scan_decoder.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155272/Linear-eMerge-E3-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/170372/Linear-eMerge-E3-Series-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- https://applied-risk.com/labs/advisoriesNot Applicable
- https://www.applied-risk.com/resources/ar-2019-005Third Party Advisory
- http://packetstormsecurity.com/files/155255/Linear-eMerge-E3-1.00-06-card_scan.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155256/Linear-eMerge-E3-1.00-06-card_scan_decoder.php-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155272/Linear-eMerge-E3-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/170372/Linear-eMerge-E3-Series-Access-Controller-Command-Injection.htmlExploitThird Party AdvisoryVDB Entry
- https://applied-risk.com/labs/advisoriesNot Applicable
- https://www.applied-risk.com/resources/ar-2019-005Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7256US Government Resource