CVE-2025-55279

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the...

CVE-2025-54465

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the hard-coded MQTT...

CVE-2025-54465

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the hard-coded MQTT...

PT-2025-32980 · Zkteco · Zkteco Wl20

Name of the Vulnerable Software and Affected Versions: ZKTeco WL20 affected versions not specified Description: The device stores MQTT credentials and endpoints in plaintext within the firmware. An attacker with physical access can extract the firmware and analyze the binary data to retrieve the...