Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.11 views

CVE-2023-3939

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects...

10CVSS7.4AI score0.01324EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/06/14 8:9 a.m.39 views

ZKTeco Biometric System Found Vulnerable to 24 Critical Security Flaws

An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric data, and even deploy malicious backdoors. "By adding random user data to the database or using a fake ...

10CVSS9.6AI score0.01324EPSS
Exploits0
NVD
NVD
added 2024/05/21 10:15 a.m.30 views

CVE-2023-3939

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects...

10CVSS9.9AI score0.01324EPSS
Exploits0References1
CVE
CVE
added 2024/05/21 9:45 a.m.76 views

CVE-2023-3939

CVE-2023-3939 is a high-severity OS command injection affecting ZkTeco-based OEM devices (notably ZKProFace X, Smartec ST-FR043/FR041ME) with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0. The vulnerability allows execution of arbitrary commands with root privileges via network-accessible components, l...

10CVSS7.2AI score0.01324EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/21 9:45 a.m.22 views

CVE-2023-3939 Multiple command injection in ZkTeco-based OEM devices

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects...

10CVSS7.3AI score0.01324EPSS
Exploits0References1
Rows per page
Query Builder