Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
References
Link | Resource |
---|---|
https://applied-risk.com/labs/advisories | Broken Link Not Applicable Third Party Advisory |
https://www.applied-risk.com/resources/ar-2019-006 | Third Party Advisory |
http://packetstormsecurity.com/files/155250/Linear-eMerge50P-5000P-4.6.07-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
https://www.us-cert.gov/ics/advisories/icsa-20-184-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2019-07-02 10:15
Updated : 2022-10-13 12:54
NVD link : CVE-2019-7269
Mitre link : CVE-2019-7269
JSON object : View
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Products Affected
nortekcontrol
- linear_emerge_5000p
- linear_emerge_5000p_firmware
- linear_emerge_50p
- linear_emerge_50p_firmware