All 5 CVE vulnerabilities found in ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0, with AI-generated Chinese analysis, references, and POCs.
Vendor: ZkTeco
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-3943 | Multiple buffer overflow in ZkTeco-based OEM devices CWE-121 | 10.0 | Critical | 2024-05-21 |
| CVE-2023-3941 | Multiple arbitrary file writes in ZkTeco-based OEM devices CWE-23 | 10.0 | Critical | 2024-05-21 |
| CVE-2023-3940 | Multiple arbitrary file reads in ZkTeco-based OEM devices CWE-23 | 7.5 | High | 2024-05-21 |
| CVE-2023-3939 | Multiple command injection in ZkTeco-based OEM devices CWE-78 | 10.0 | Critical | 2024-05-21 |
| CVE-2023-3938 | Bypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR code CWE-89 | 4.6 | Medium | 2024-05-21 |
All 5 known CVE vulnerabilities affecting ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 with full Chinese analysis, references, and POCs where available.