VYPR

Vendor: Zkteco
Products: 23
CVEs: 57
Across products: 62
Status: Private

Recent CVEs (57)

  • CVE-2023-3943 (Critical, May 21, 2024)
    risk 0.65, CVSS 10.0, EPSS 0.01

    Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. …

  • CVE-2023-3941 (Critical, May 21, 2024)
    risk 0.65, CVSS 10.0, EPSS 0.01

    Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the…

  • CVE-2023-3939 (Critical, May 21, 2024)
    risk 0.65, CVSS 10.0, EPSS 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum…

  • CVE-2016-20030 (Critical, Mar 16, 2026)
    risk 0.64, CVSS 9.8, EPSS 0.01

    ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying…

  • CVE-2016-20026 (Critical, Mar 16, 2026)
    risk 0.64, CVSS 9.8, EPSS 0.01

    ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives…

  • CVE-2016-20024 (Critical, Mar 16, 2026)
    risk 0.64, CVSS 9.8, EPSS 0.01

    ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace…

  • CVE-2016-20025 (High, Mar 16, 2026)
    risk 0.57, CVSS 8.8, EPSS 0.00

    ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace…

  • CVE-2017-17056 (High, Dec 4, 2017)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the old_password, new_password1, and new_password2 parameters to the…

  • CVE-2017-13129 (High, Sep 26, 2017)
    risk 0.55, CVSS 8.0, EPSS 0.01

    Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.

  • CVE-2017-14680 (High, Sep 21, 2017)
    risk 0.52, CVSS 7.5, EPSS 0.04

    ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.

  • CVE-2023-3942 (High, May 21, 2024)
    risk 0.49, CVSS 7.5, EPSS 0.01

    An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances,…

  • CVE-2023-3940 (High, May 21, 2024)
    risk 0.49, CVSS 7.5, EPSS 0.01

    Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the…

  • CVE-2016-20032 (High, Mar 16, 2026)
    risk 0.47, CVSS 7.2, EPSS 0.00

    ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holiday_name' and 'memo' POST parameters. Attackers can submit crafted requests…

  • CVE-2025-54464 (High, Aug 13, 2025)
    risk 0.46, CVSS: n/a, EPSS 0.00

    This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineering the binary data to access the…

  • CVE-2025-55279 (Medium, Aug 13, 2025)
    risk 0.45, CVSS: n/a, EPSS 0.00

    This vulnerability exists in ZKTeco WL20 due to a hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the private key stored in the…

  • CVE-2025-54465 (Medium, Aug 13, 2025)
    risk 0.44, CVSS: n/a, EPSS 0.00

    This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the…

  • CVE-2016-20029 (Medium, Mar 16, 2026)
    risk 0.40, CVSS 6.2, EPSS 0.00

    ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive…

  • CVE-2016-20027 (Medium, Mar 16, 2026)
    risk 0.40, CVSS 6.1, EPSS 0.00

    ZKTeco ZKBioSecurity 3.0 contains multiple reflected cross-site scripting vulnerabilities that allow attackers to execute arbitrary HTML and script code by injecting malicious payloads through unsanitized parameters in multiple scripts. Attackers can craft malicious URLs with…

  • CVE-2017-17057 (Medium, Dec 4, 2017)
    risk 0.40, CVSS 6.1, EPSS 0.01

    There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script…

  • CVE-2016-20031 (Medium, Mar 16, 2026)
    risk 0.36, CVSS 5.5, EPSS 0.00

    ZKTeco ZKBioSecurity 3.0 contains a local authorization bypass vulnerability in visLogin.jsp that allows attackers to authenticate without valid credentials by spoofing localhost requests. Attackers can exploit the EnvironmentUtil.getClientIp() method which treats IPv6 loopback…