Vulnerabilidades em ZkTeco
19 resultadosCVE-2023-3939CRITICALMultiple command injection in ZkTeco-based OEM devicesEPSS 1.3%CVE-2023-3943CRITICALMultiple buffer overflow in ZkTeco-based OEM devicesEPSS 0.9%CVE-2024-2318MEDIUMZKTeco ZKBio Media Service Port 9999 download path traversalEPSS 0.9%CVE-2023-3941CRITICALMultiple arbitrary file writes in ZkTeco-based OEM devicesEPSS 0.9%CVE-2023-3940HIGHMultiple arbitrary file reads in ZkTeco-based OEM devicesEPSS 0.8%CVE-2023-3942HIGHMultiple SQLi in ZkTeco-based OEM devicesEPSS 0.6%CVE-2026-8598CRITICALUnauthenticated Export Service in ZKTeco CCTV CamerasEPSS 0.5%CVE-2024-6523MEDIUMZKTeco BioTime system-group-add cross site scriptingEPSS 0.5%CVE-2024-1706MEDIUMZKTeco ZKBio Access IVS Department Name Search Bar cross site scriptingEPSS 0.4%CVE-2023-3938MEDIUMBypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR codeEPSS 0.4%CVE-2024-6005MEDIUMZKTeco ZKBio CVSecurity V5000 Department Section cross site scriptingEPSS 0.4%CVE-2024-6006MEDIUMZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scriptingEPSS 0.4%CVE-2024-11049MEDIUMZKTeco ZKBio Time Image File photo direct requestEPSS 0.4%CVE-2024-6344MEDIUMZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scriptingEPSS 0.4%CVE-2024-13966MEDIUMZKTeco BioTime default passwordEPSS 0.3%CVE-2025-45746MEDIUMIn ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the hardcoded secret to authenticate to the service coEPSS 0.3%CVE-2024-45250MEDIUMZKteco – CWE 200 Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.3%CVE-2025-15128MEDIUMZKTeco BioTime Endpoint safe_setting credentials storageEPSS 0.3%CVE-2023-4587HIGHInsecure direct object reference in ZKTeco ZEM800EPSS 0.2%