The vulnerability of microprogrammed software in biometric terminal models ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME arises from the lack of protective measures for the SQL query structure. This allows attackers to execute arbitrary SQL code, circumvent security restrictions, and gain unauthorized access to protected information.

The vulnerability of microprogrammed software in biometric terminal devices such as ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows attackers to execute arbitrary SQL code,...

The vulnerability of the microprogrammed software of the biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME lies in buffer overflow attacks on the glass components, allowing intruders to execute arbitrary codes.

The vulnerability of microprogrammed software in biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME stems from buffer overflows in the stack due to the absence of protection mechanisms like Canary and PIE. Exploiting this vulnerability allows an attacker operating...

The vulnerabilities of the Handler for User Photo Delete and Handler for Picture Delete Commands components, as well as the Cloud Service Command Handlers (PushCommandExecute) of the microprogramming software for biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME, allow a intruder to execute arbitrary commands.

The vulnerabilities of the Handler for User Photo Delete and Handler for Picture Delete Commands, as well as the Cloud Service Command Handlers PushCommandExecute in the microprogramming software for biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME, are related to th...

ZkTeco ProFace X、Smartec ST-FR043、Smartec ST-FR041ME、ZAM170-NF-1.8.25-7354-Ver1.0.0 SQL注入漏洞

ZkTeco OEM is an intelligent system from ZkTeco China. A SQL injection vulnerability exists in ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME, and ZAM170-NF-1.8.25-7354-Ver1.0.0 versions, which stems from the lack of certain protection mechanisms and allows an attacker to execute arbitrar...

ZkTeco OEM SQL注入漏洞

ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. ZkTeco OEM suffers from a SQL injection vulnerability that stems from incorrect neutralization of special elements used in SQL commands, allowing an attacker to authenticate under any user in the device database. The following...

ZkTeco OEM 路径遍历漏洞

ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. A path traversal vulnerability exists in ZkTeco OEM that originates from allowing an attacker to write to any file on the system with root privileges. The following products and versions are affected: ZkTeco ProFace X, Smartec...