Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zkteco biotime 8.5.5 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-30515
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an malicious user to view them through filename enumeration.
Zkteco Biotime 8.5.4
Zkteco Biotime 8.5.5
7.5
CVSSv3
CVE-2023-38949
An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to arbitrarily reset the Administrator password via a crafted web request.
Zkteco Biotime 8.5.5
7.5
CVSSv3
CVE-2023-38950
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read arbitrary files via supplying a crafted payload.
Zkteco Biotime 8.5.5
9.8
CVSSv3
CVE-2023-38951
A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows malicious users to write arbitrary files via using a malicious SFTP configuration.
Zkteco Biotime 8.5.5
7.5
CVSSv3
CVE-2023-38952
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated malicious users to read sensitive backup files and access sensitive information such as user credentials via sending a crafted HTTP request to the static files resources of the system.
Zkteco Biotime 8.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started