CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1CVE-2019-7266 – Linear eMerge50P/5000P 4.6.07 Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-7266
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Authentication Bypass. Los dispositivos linear eMerge 50P / 5000P permiten la omisión de identificación. • https://packetstorm.news/files/id/155250 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 2CVE-2019-7267 – Linear eMerge50P/5000P 4.6.07 Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-7267
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Cookie Path Traversal. Los dispositivos lineales eMerge 50P / 5000P permiten el recorrido de la ruta de las cookies. • https://packetstorm.news/files/id/155250 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2019-7268 – Linear eMerge50P/5000P 4.6.07 Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-7268
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. Los dispositivos linear eMerge 50P / 5000P permiten la carga de archivos no identificados • https://packetstorm.news/files/id/155250 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 27%CPEs: 4EXPL: 3CVE-2019-7269 – eMerge50P 5000P 4.6.07 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-7269
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution. Los dispositivos Linear eMerge 50P / 5000P permiten la inyección de comandos identificados con la ejecución de código root. • https://packetstorm.news/files/id/155250 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-7270
https://notcve.org/view.php?id=CVE-2019-7270
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF). Los dispositivos linear eMerge 50P / 5000P permiten la falsificación de solicitudes Cross-Site (CSRF). • https://applied-risk.com/labs/advisories • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-7271
https://notcve.org/view.php?id=CVE-2019-7271
01 Jul 2019 — Nortek Linear eMerge 50P/5000P devices have Default Credentials. Los dispositivos Nortek Linear eMerge 50P/5000P tienen credenciales predeterminadas. • https://applied-risk.com/labs/advisories • CWE-522: Insufficiently Protected Credentials •