Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-31499
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Nortek Control Linear eMerge E3-Series 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Nortek Control Linear eMerge E3-Series是美国Nortek Control公司的一种门禁控制器。可指定人员在指定时间可以使用哪些门进出指定地点。 Nortek Control Linear eMerge E3-Series 0.32-09c版本存在安全漏洞,该漏洞源于操作系统命令盲注。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2022-31499
#POC DescriptionSource LinkShenlong Link
1CVE-2022-31499 Proof of Concepthttps://github.com/omarhashem123/CVE-2022-31499POC Details
2Nortek Linear eMerge E3-Series devices before 0.32-08f are susceptible to remote command injection via ReaderNo. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-7256. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-31499.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2022-31499
Please Login to view more intelligence information
New Vulnerabilities
Product: n/a
Vendor: n/a
V. Comments for CVE-2022-31499

No comments yet

Leave a comment