Skip to main content

Linear Emerge E3 Access Control Firmware

2 CVEs product

Monthly

CVE-2022-46381 MEDIUM POC This Month

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Linear Emerge E3 Access Control Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
1.7%
CVE-2022-38628 MEDIUM POC This Month

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Session Fixation Linear Emerge E3 Access Control Firmware
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
EPSS 2% CVSS 6.1
MEDIUM POC This Month

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Linear Emerge E3 Access Control Firmware
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Session Fixation Linear Emerge E3 Access Control Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy