VYPR

Vendor CVEs

Zkteco

All CVEs

57 total · sorted by risk
  • CVE-2023-3943 · Critical · May 21, 2024
    risk 0.65 · cvss 10.0 · epss 0.01

    Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. …

  • CVE-2023-3941 · Critical · May 21, 2024
    risk 0.65 · cvss 10.0 · epss 0.01

    Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the…

  • CVE-2023-3939 · Critical · May 21, 2024
    risk 0.65 · cvss 10.0 · epss 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum…

  • CVE-2016-20030 · Critical · Mar 16, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying…

  • CVE-2016-20026 · Critical · Mar 16, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives…

  • CVE-2016-20024 · Critical · Mar 16, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace…

  • CVE-2016-20025 · High · Mar 16, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace…

  • CVE-2017-17056 · High · Dec 4, 2017
    risk 0.57 · cvss 8.8 · epss 0.01

    The ZKTime Web Software 2.0.1.12280 allows the Administrator to elevate the privileges of the application user using a 'password_change()' function of the Modify Password component, reachable via the old_password, new_password1, and new_password2 parameters to the…

  • CVE-2017-13129 · High · Sep 26, 2017
    risk 0.55 · cvss 8.0 · epss 0.01

    Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.

  • CVE-2017-14680 · High · Sep 21, 2017
    risk 0.52 · cvss 7.5 · epss 0.04

    ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.

  • CVE-2023-3942 · High · May 21, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances,…

  • CVE-2023-3940 · High · May 21, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the…

  • CVE-2016-20032 · High · Mar 16, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holiday_name' and 'memo' POST parameters. Attackers can submit crafted requests…

  • CVE-2025-54464 · High · Aug 13, 2025
    risk 0.46 · cvss n/a · epss 0.00

    This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the…

  • CVE-2025-55279 · Medium · Aug 13, 2025
    risk 0.45 · cvss n/a · epss 0.00

    This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the…

  • CVE-2025-54465 · Medium · Aug 13, 2025
    risk 0.44 · cvss n/a · epss 0.00

    This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the…

  • CVE-2016-20029 · Medium · Mar 16, 2026
    risk 0.40 · cvss 6.2 · epss 0.00

    ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive…

  • CVE-2016-20027 · Medium · Mar 16, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    ZKTeco ZKBioSecurity 3.0 contains multiple reflected cross-site scripting vulnerabilities that allow attackers to execute arbitrary HTML and script code by injecting malicious payloads through unsanitized parameters in multiple scripts. Attackers can craft malicious URLs with…

  • CVE-2017-17057 · Medium · Dec 4, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script…

  • CVE-2016-20031 · Medium · Mar 16, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    ZKTeco ZKBioSecurity 3.0 contains a local authorization bypass vulnerability in visLogin.jsp that allows attackers to authenticate without valid credentials by spoofing localhost requests. Attackers can exploit the EnvironmentUtil.getClientIp() method which treats IPv6 loopback…

  • CVE-2025-15128 · Medium · Dec 28, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safe_setting/ of the component Endpoint. Performing a manipulation of the argument backup_encryption_password_decrypt/export_encryption_password_decrypt results…

  • CVE-2025-55280 · Medium · Aug 13, 2025
    risk 0.34 · cvss n/a · epss 0.00

    This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary…

  • CVE-2023-3938 · Medium · May 21, 2024
    risk 0.30 · cvss 4.6 · epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZkTeco-based OEM devices allows an attacker to authenticate under any user from the device database. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X,…

  • CVE-2016-20028 · Medium · Mar 16, 2026
    risk 0.28 · cvss 4.3 · epss 0.00

    ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious websites. Attackers can craft HTTP requests that add superadmin accounts without validity…

  • CVE-2024-2318 · Medium · Mar 8, 2024
    risk 0.28 · cvss 4.3 · epss 0.01

    A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input…

  • CVE-2024-6006 · Low · Jun 15, 2024
    risk 0.23 · cvss 3.5 · epss 0.00

    A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The…

  • CVE-2024-6005 · Low · Jun 15, 2024
    risk 0.23 · cvss 3.5 · epss 0.00

    A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Department Section. The manipulation of the argument Department Name leads to cross site scripting.…

  • CVE-2024-1706 · Low · Feb 21, 2024
    risk 0.23 · cvss 3.5 · epss 0.00

    A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input hi causes cross site scripting. Remote exploitation of the attack is possible. The…

  • CVE-2023-38950 · KEV · Aug 3, 2023
    risk 0.19 · cvss n/a · epss 0.85

    A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. This vulnerability was fixed in version 9.0.120240617.19506 of ZKBioTime.

  • CVE-2024-6344 · Low · Jun 26, 2024
    risk 0.16 · cvss 2.4 · epss 0.00

    A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to…

  • CVE-2022-42953 · Dec 25, 2022
    risk 0.04 · cvss n/a · epss 0.05

    Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00…

  • CVE-2023-38952 · Aug 3, 2023
    risk 0.02 · cvss n/a · epss 0.02

    Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin…

  • CVE-2023-38951 · Aug 3, 2023
    risk 0.01 · cvss n/a · epss 0.03

    ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 (20240617.19506) allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input…

  • CVE-2024-13966 · May 27, 2025
    risk 0.00 · cvss n/a · epss 0.00

    ZKTeco BioTime allows unauthenticated attackers to enumerate usernames and log in as any user with a password unchanged from the default value '123456'. Users should change their passwords (located under the Attendance Settings tab as "Self-Password").

  • CVE-2024-11049 · Nov 10, 2024
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The…

  • CVE-2023-51157 · Sep 25, 2024
    risk 0.00 · cvss n/a · epss 0.00

    Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter.

  • CVE-2024-6523 · Jul 5, 2024
    risk 0.00 · cvss n/a · epss 0.00

    A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input leads to cross site…

  • CVE-2023-51141 · Mar 21, 2024
    risk 0.00 · cvss n/a · epss 0.01

    An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component.

  • CVE-2023-51142 · Mar 21, 2024
    risk 0.00 · cvss n/a · epss 0.01

    An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information.

  • CVE-2024-22988 · Feb 23, 2024
    risk 0.00 · cvss n/a · epss 0.01

    ZKteco ZKBio WDMS before 9.0.2 Build 20250526 allows an attacker to download a database backup via the /files/backup/ component because the filename is based on a predictable timestamp.

  • CVE-2023-4587 · Sep 4, 2023
    risk 0.00 · cvss n/a · epss 0.00

    An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.

  • CVE-2023-38955 · Aug 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names.

  • CVE-2023-38956 · Aug 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.

  • CVE-2023-38954 · Aug 3, 2023
    risk 0.00 · cvss n/a · epss 0.01

    ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.

  • CVE-2023-38958 · Aug 3, 2023
    risk 0.00 · cvss n/a · epss 0.00

    An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request.

  • CVE-2023-38949 · Aug 3, 2023
    risk 0.00 · cvss n/a · epss 0.00

    An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request.

  • CVE-2022-44213 · Dec 9, 2022
    risk 0.00 · cvss n/a · epss 0.00

    ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).

  • CVE-2021-39434 · Dec 5, 2022
    risk 0.00 · cvss n/a · epss 0.01

    A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0 through 11.1.0, builds 20180901, 20190510.1, 20200309.3, 20200930, 20201231, and 20210220.

  • CVE-2022-38801 · Nov 30, 2022
    risk 0.00 · cvss n/a · epss 0.00

    In Zkteco BioTime < 8.5.3 Build:20200816.447, an employee can hijack an administrator session and cookies using blind cross-site scripting.

  • CVE-2022-38803 · Nov 30, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Zkteco BioTime < 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a PDF generator when exporting data as a PDF.

Page 1 of 2