All 6 CVE vulnerabilities found in ZKTeco ZKBioSecurity, with AI-generated Chinese analysis, references, and POCs.
Vendor: ZKTeco Inc.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2016-20031 | ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass via visLogin.jsp CWE-798 | 5.5 | Medium | 2026-03-15 |
| CVE-2016-20030 | ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction CWE-551 | 9.8 | Critical | 2026-03-15 |
| CVE-2016-20029 | ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability CWE-276 | 6.2 | Medium | 2026-03-15 |
| CVE-2016-20028 | ZKTeco ZKBioSecurity 3.0 Cross-Site Request Forgery Superadmin CWE-352 | 4.3 | Medium | 2026-03-15 |
| CVE-2016-20027 | ZKTeco ZKBioSecurity 3.0 Multiple Reflected XSS Vulnerabilities CWE-79 | 6.1 | Medium | 2026-03-15 |
| CVE-2016-20026 | ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution CWE-798 | 9.8 | Critical | 2026-03-15 |
All 6 known CVE vulnerabilities affecting ZKTeco ZKBioSecurity with full Chinese analysis, references, and POCs where available.