exploitDog

GHSA-jw4j-j3xr-4wff

Опубликовано: 26 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.

Ссылки

EPSS

Процентиль: 100%

0.92506

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2022-31499

CVSS3: 9.8

nvd

больше 3 лет назад

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.

EPSS

Процентиль: 100%

0.92506

Критический

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-78