Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple buffer overflow in ZkTeco-based OEM devices
Vulnerability Description
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
ZkTeco ProFace X、Smartec ST-FR043、Smartec ST-FR041ME、ZAM170-NF-1.8.25-7354-Ver1.0.0 SQL注入漏洞
Vulnerability Description
ZkTeco OEM是中国ZkTeco公司的一款智能系统。 ZkTeco ProFace X、Smartec ST-FR043、Smartec ST-FR041ME、ZAM170-NF-1.8.25-7354-Ver1.0.0版本存在SQL注入漏洞,该漏洞源于缺乏某些保护机制,允许攻击者执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A