Niceforyou Linear Emerge E3 Access Control Firmware vulnerabilities
4 known vulnerabilities affecting niceforyou/linear_emerge_e3_access_control_firmware.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
2
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-38627P1CRITICALCVSS 9.8ExploitedPoCv0.32-07ev0.32-07p+4 more2023-01-03
CVE-2022-38627 [CRITICAL] CWE-89 CVE-2022-38627: Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter.
nvd
CVE-2022-46381P2MEDIUMCVSS 6.1ExploitedPoCv0.32-07ev0.32-07p+5 more2022-12-13
CVE-2022-46381 [MEDIUM] CWE-79 CVE-2022-46381: Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the b
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
nvd
CVE-2022-42710P4MEDIUMCVSS 5.4v0.32-07ev0.32-07p+4 more2023-01-03
CVE-2022-42710 [MEDIUM] CWE-79 CVE-2022-42710: Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.3
Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting (XSS).
nvd
CVE-2022-38628P4MEDIUMCVSS 6.1v0.32-07ev0.32-07p+5 more2022-12-13
CVE-2022-38628 [MEDIUM] CWE-384 CVE-2022-38628: Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified vectors.
nvd