CVE-2022-31269

HIGH NUCLEI

Nortek Linear eMerge E3-Series <0.32-09c - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-31269. PoCs published by omarhashem123, Henry4E36. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a writeup for CVE-2022-31269, an information disclosure vulnerability in Nortek Linear eMerge E3-Series that allows access to the admin dashboard. No exploit code is provided, only a description of the vulnerability.

Description

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)

Exploits (2)

nomisec WRITEUP 1 stars

by omarhashem123 · poc

https://github.com/omarhashem123/CVE-2022-31269

View Code ZIP pw:eip

This repository contains a writeup for CVE-2022-31269, an information disclosure vulnerability in Nortek Linear eMerge E3-Series that allows access to the admin dashboard. No exploit code is provided, only a description of the vulnerability.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Nortek Linear eMerge E3-Series

No auth needed

Prerequisites: Network access to the vulnerable device

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 1 stars

by Henry4E36 · poc

https://github.com/Henry4E36/CVE-2022-31269

View Code ZIP pw:eip

This PoC exploits an information disclosure vulnerability in Nortek Control Linear eMerge E3-Series by fetching a test.txt file containing credentials. It parses and displays leaked usernames and passwords.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Nortek Control Linear eMerge E3-Series

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Linear eMerge E3-Series - Information Disclosure

HIGHVERIFIEDby For3stCo1d

Shodan: http.title:"Linear eMerge" || http.title:"emerge" || http.title:"linear emerge"

FOFA: title="emerge" || title="linear emerge"

References (4)

Core 4

Core References

Not Applicable x_refsource_misc

https://eg.linkedin.com/in/omar-1-hashem

Product x_refsource_misc

https://www.nortekcontrol.com/access-control/

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/167990/Nortek-Linear-eMerge-E3-Series-Credential-Disclosure.html

Exploit, Third Party Advisory x_refsource_misc

https://gist.github.com/omarhashem123/71ec9223e90ea76a76096d777d9b945c

Scores

CVSS v3 8.2

EPSS 0.0487

EPSS Percentile 90.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Details

CWE

CWE-798

Status published

Products (1)

nortekcontrol/emerge_e3_firmware < 0.32-09c

Published Aug 25, 2022

Tracked Since Feb 18, 2026