CVE-2022-31499

CRITICAL EXPLOITED IN THE WILD NUCLEI

Nortek Linear eMerge E3-Series <0.32-08f - Command Injection

Title source: llm

Exploitation Summary

CVE-2022-31499 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including omarhashem123. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains only a README.md file describing CVE-2022-31499, a blind OS command injection vulnerability in Nortek Linear eMerge E3-Series. No exploit code or technical details are provided.

Description

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.

Exploits (1)

nomisec WRITEUP 1 stars

by omarhashem123 · poc

https://github.com/omarhashem123/CVE-2022-31499

View Code ZIP pw:eip

The repository contains only a README.md file describing CVE-2022-31499, a blind OS command injection vulnerability in Nortek Linear eMerge E3-Series. No exploit code or technical details are provided.

Classification

Writeup 30%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Nortek Linear eMerge E3-Series

No auth needed

Prerequisites: Network access to the vulnerable device

MITRE ATT&CK

T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection

CRITICALVERIFIEDby pikpikcu

Shodan: title:"eMerge" || http.title:"emerge" || http.title:"linear emerge"

FOFA: title="emerge" || title="linear emerge"

References (3)

Core 3

Core References

Not Applicable x_refsource_misc

https://eg.linkedin.com/in/omar-1-hashem

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/167991/Nortek-Linear-eMerge-E3-Series-Command-Injection.html

Exploit, Third Party Advisory x_refsource_misc

https://gist.github.com/omarhashem123/5f0c6f1394099b555740fdc5c7651ee2

Scores

CVSS v3 9.8

EPSS 0.6483

EPSS Percentile 99.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-01-12

InTheWild.io 2023-01-12

CWE

CWE-78

Status published

Products (1)

nortekcontrol/emerge_e3_firmware < 0.32-09c

Published Aug 25, 2022

Tracked Since Feb 18, 2026