漏洞描述
Linear eMerge E3 系列是楼宇管理系统中行业领先的产品之一,因为它是行业中使用最广泛的产品之一。该系统card_scan_decoder.php存在命令执行漏洞,攻击者可通过该漏洞执行系统命令,获取服务器权限。
Linear eMerge E3-Series 门禁控制设备 card_scan_decoder.php 命令执行(CVE-2022-31499)
PoC代码
暂无相关漏洞推荐
- ZYCOO CooVox Series IP Phone System /login 默认口令漏洞
- Fujitsu IP Series 权限绕过漏洞(CVE-2023-38433)
- Linear eMerge E3 forgot_password 命令执行漏洞
- POC CVE-2018-12675: SV3C HD Camera L Series - Open Redirect
- POC CVE-2019-1943: Cisco Small Business 200,300 and 500 Series Switches - Open Redirect
- POC CVE-2019-7254: eMerge E3 1.00-06 - Local File Inclusion
- POC CVE-2019-7255: Linear eMerge E3 - Cross-Site Scripting
- POC CVE-2019-7256: eMerge E3 1.00-06 - Remote Code Execution
- POC CVE-2021-1472: Cisco Small Business RV Series - OS Command Injection
- POC CVE-2022-31269: Linear eMerge E3-Series - Information Disclosure
- POC CVE-2022-31499: Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection
- POC CVE-2022-31798: Nortek Linear eMerge E3-Series - Cross-Site Scripting
- POC CVE-2022-46381: Linear eMerge E3-Series - Cross-Site Scripting