CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

niceforyou

linear_emerge_e3_access_control_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2022-38627

CRITICAL9.8

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.

niceforyou / linear_emerge_e3_access_control_firmware+5

Network

Published Jan 3, 2023

CVE-2022-46381

MEDIUM6.1

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.

niceforyou / linear_emerge_e3_access_control_firmware+6

Network

Published Dec 13, 2022

CVE-2022-38628

MEDIUM6.1

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified vectors.

niceforyou / linear_emerge_e3_access_control_firmware+6

Network

Published Dec 13, 2022

CVE-2022-42710

MEDIUM5.4

Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting (XSS).

niceforyou / linear_emerge_e3_access_control_firmware+5

Network

Published Jan 3, 2023