CISA has published an advisory on path traversal, command injection, unrestricted upload of file with dangerous type, cross-site request forgery, and improper authentication vulnerabilities in Nortek Linear eMerge 50P/5000P. Versions 4.6.07 (revision 79330) and prior are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain full system access. Nortek has released v32-09a to address the vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Access the advisory at CISA.