Zkteco Zkteco-based Oem Devices With Firmware Zam170-nf-1.8.25-7354-ver1.0.0
5 CVEs affecting Zkteco Zkteco-based Oem Devices With Firmware Zam170-nf-1.8.25-7354-ver1.0.0. Latest disclosed: 2024-05-21. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-3943 | Critical | 10.0 | 2024-05-21 | Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mec… |
CVE-2023-3941 | Critical | 10.0 | 2024-05-21 | Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affec… |
CVE-2023-3939 | Critical | 10.0 | 2024-05-21 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in ZkTeco-based OEM devices allows OS Command Inject… |
CVE-2023-3940 | High | 7.5 | 2024-05-21 | Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM… |
CVE-2023-3938 | Medium | 4.6 | 2024-05-21 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZkTeco-based OEM devices allows an attacker to authen… |