7 matches found
EUVD-2023-44569
Malicious code in bioql PyPI...
CVE-2023-3939
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects...
CVE-2023-3940
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others...
CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR code
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ZkTeco-based OEM devices allows an attacker to authenticate under any user from the device database. This issue affects ZkTeco-based OEM devices ZkTeco ProFace X, Smartec ST-FR043, Smartec...
ZkTeco OEM 路径遍历漏洞
ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. A path traversal vulnerability exists in ZkTeco OEM that originates from allowing an attacker to write to any file on the system with root privileges. The following products and versions are affected: ZkTeco ProFace X, Smartec...
ZkTeco OEM SQL注入漏洞
ZkTeco OEM is an intelligent system from the Chinese company ZkTeco. ZkTeco OEM suffers from a SQL injection vulnerability that stems from incorrect neutralization of special elements used in SQL commands, allowing an attacker to authenticate under any user in the device database. The following...
PT-2024-12808 · Zkteco · Zkteco-Based Oem Devices
Name of the Vulnerable Software and Affected Versions: ZKTeco-based OEM devices versions ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly other Standalone service versions 2.1.6-20200907 and possibly others Description: An SQL Injection vulnerability exists in ZKTeco-based OEM devices due to improper...