Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zkteco biotime 8.5.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-30515
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an malicious user to view them through filename enumeration.
Zkteco Biotime 8.5.4
Zkteco Biotime 8.5.5
NA
CVE-2023-38949
An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to arbitrarily reset the Administrator password via a crafted web request.
Zkteco Biotime 8.5.5
NA
CVE-2023-38950
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read arbitrary files via supplying a crafted payload.
Zkteco Biotime 8.5.5
NA
CVE-2023-38951
A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows malicious users to write arbitrary files via using a malicious SFTP configuration.
Zkteco Biotime 8.5.5
NA
CVE-2023-38952
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read sensitive backup files and access sensitive information such as user credentials via sending a crafted HTTP request to the static files resources of the system.
Zkteco Biotime 8.5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started