CVE-2024-9441

CRITICAL

Linear eMerge e3-Series <1.00-07 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-9441. PoCs published by p33d, adhikara13, jk-mayne.

AI-analyzed exploit summary: This PoC exploits a command injection vulnerability in a PHP-based web application's forgot password functionality to achieve remote code execution. It injects a PHP shell into the server and executes arbitrary commands via base64-encoded POST requests.

Description

The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP.

Exploits (3)

nomisec WORKING POC 6 stars
by p33d · poc
https://github.com/p33d/CVE-2024-9441

This PoC exploits a command injection vulnerability in a PHP-based web application's forgot password functionality to achieve remote code execution. It injects a PHP shell into the server and executes arbitrary commands via base64-encoded POST requests.

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Unspecified PHP-based web application (likely a CMS or custom application)
No auth needed
Prerequisites: Network access to the target web application · The vulnerable endpoint must be exposed
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 2 stars
by adhikara13 · poc
https://github.com/adhikara13/CVE-2024-9441

This repository contains a functional PoC exploit for CVE-2024-9441, targeting Nortek Linear eMerge E3 systems. The exploit leverages a flaw in the password recovery feature to inject malicious PHP code, enabling pre-authentication remote code execution.

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Nortek Linear eMerge E3 (all versions prior to patch)
No auth needed
Prerequisites: Python 3.x · requests library · network access to target
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by jk-mayne · poc
https://github.com/jk-mayne/CVE-2024-9441-Checker

This Python script checks for CVE-2024-9441 by sending a command injection payload in the 'login_id' parameter and comparing response times to detect vulnerability. It uses a time-based approach to infer command execution.

Classification
Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Unknown (likely a web application with a forgot_password endpoint)
No auth needed
Prerequisites: Network access to the target · Target endpoint must be reachable
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Third Party Advisory
https://vulncheck.com/advisories/linear-emerge-forgot-password

Scores

CVSS v3 9.8
EPSS 0.6763
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE CWE-78
Status published
Products (1)
Linear/eMerge e3-Series < 1.00-07
Published Oct 02, 2024
Tracked Since Feb 18, 2026