Back to CVE Browser

CVE-2019-7257

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1470%

EPSS Percentile0.45th

PublishedJul 2, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

Linear eMerge E3-Series devices allow Unrestricted File Upload.

Affected Platforms (CPE)

💻

Nortekcontrol

Linear Emerge Essential Firmware

<= 1.00-06

💻

Nortekcontrol

Linear Emerge Elite Firmware

<= 1.00-06

References & Advisories

🔗 http://packetstormsecurity.com/files/155254/Linear-eMerge-E3-1.00-06-Arbitrary-File-Upload-Remote-Root-Code-Execution.html

🔗 https://applied-risk.com/labs/advisories

🔗 https://www.applied-risk.com/resources/ar-2019-005

🔗 http://packetstormsecurity.com/files/155254/Linear-eMerge-E3-1.00-06-Arbitrary-File-Upload-Remote-Root-Code-Execution.html

🔗 https://applied-risk.com/labs/advisories

🔗 https://www.applied-risk.com/resources/ar-2019-005

Related Vulnerabilities

CVE-2019-1068610.0

An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port ...

CVE-2019-917410.0

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1....

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-700310.0

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execu...