CyberSec.Space Logo
Back to CVE Browser

CVE-2019-7268

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile35.63th
PublishedJul 2, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.

Affected Platforms (CPE)

πŸ’»
Nortekcontrol

Linear Emerge 50p Firmware

<= 4.6.07
πŸ’»
Nortekcontrol

Linear Emerge 5000p Firmware

<= 4.6.07

References & Advisories

πŸ”— http://packetstormsecurity.com/files/155250/Linear-eMerge50P-5000P-4.6.07-Remote-Code-Execution.html
πŸ”— https://applied-risk.com/labs/advisories
πŸ”— https://www.applied-risk.com/resources/ar-2019-006
πŸ”— https://www.us-cert.gov/ics/advisories/icsa-20-184-01
πŸ”— http://packetstormsecurity.com/files/155250/Linear-eMerge50P-5000P-4.6.07-Remote-Code-Execution.html
πŸ”— https://applied-risk.com/labs/advisories
πŸ”— https://www.applied-risk.com/resources/ar-2019-006
πŸ”— https://www.us-cert.gov/ics/advisories/icsa-20-184-01

Related Vulnerabilities

CVE-2019-002010.0

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full contr...

CVE-2019-002210.0

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full contro...

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...