CVSS: 10.0EPSS: 27%CPEs: 4EXPL: 3CVE-2019-7269 – eMerge50P 5000P 4.6.07 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-7269
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution. Los dispositivos Linear eMerge 50P / 5000P permiten la inyección de comandos identificados con la ejecución de código root. • https://packetstorm.news/files/id/155250 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-7270
https://notcve.org/view.php?id=CVE-2019-7270
02 Jul 2019 — Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF). Los dispositivos linear eMerge 50P / 5000P permiten la falsificación de solicitudes Cross-Site (CSRF). • https://applied-risk.com/labs/advisories • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 97%CPEs: 4EXPL: 9CVE-2019-7256 – Nice Linear eMerge E3-Series OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-7256
02 Jul 2019 — Linear eMerge E3-Series devices allow Command Injections. Los dispositivos Linear eMerge E3-Series permiten Inyecciones de Comando. Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution. • https://packetstorm.news/files/id/170372 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-7271
https://notcve.org/view.php?id=CVE-2019-7271
01 Jul 2019 — Nortek Linear eMerge 50P/5000P devices have Default Credentials. Los dispositivos Nortek Linear eMerge 50P/5000P tienen credenciales predeterminadas. • https://applied-risk.com/labs/advisories • CWE-522: Insufficiently Protected Credentials •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5439
https://notcve.org/view.php?id=CVE-2018-5439
19 Feb 2018 — A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. A remote attacker may be able to execute arbitrary code on a target machine with elevated privileges. Se ha descubierto un problema de inyección de comandos en Nortek Linear eMerge E3 series en versiones V0.32-07e y anteriores. Un atacante remoto podría ejecutar código arbitrario en un sistema objetivo con privilegios elevados. • https://ics-cert.us-cert.gov/advisories/ICSA-18-046-01 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •