Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ZKTeco — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting ZKTeco. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ZKTeco:ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0ZKBio CVSecurity V5000BioTimeZKBio Access IVSZKBio MediaZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0, Standalone service v. 2.1.6-20200907iClock v3.1-168ZKBio TimeZKBio CVSecurity
CVE IDTitleCVSSSeverityPublished
CVE-2025-15128 ZKTeco BioTime Endpoint safe_setting credentials storage — BioTimeCWE-256 5.3 Medium2025-12-28
CVE-2024-13966 ZKTeco BioTime default password — BioTimeCWE-1393 7.3 High2025-05-27
CVE-2025-45746 ZKTeco ZKBio CVSecurity 安全漏洞 — ZKBio CVSecurityCWE-321 6.5 Medium2025-05-13
CVE-2024-11049 ZKTeco ZKBio Time Image File photo direct request — ZKBio TimeCWE-425 3.7 Low2024-11-10
CVE-2024-45250 ZKteco – CWE 200 Exposure of Sensitive Information to an Unauthorized Actor — iClock v3.1-168CWE-200 4.3 Medium2024-10-06
CVE-2024-6523 ZKTeco BioTime system-group-add cross site scripting — BioTimeCWE-79 3.5 Low2024-07-05
CVE-2024-6344 ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting — ZKBio CVSecurity V5000CWE-79 2.4 Low2024-06-26
CVE-2024-6006 ZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scripting — ZKBio CVSecurity V5000CWE-79 3.5 Low2024-06-15
CVE-2024-6005 ZKTeco ZKBio CVSecurity V5000 Department Section cross site scripting — ZKBio CVSecurity V5000CWE-79 3.5 Low2024-06-15
CVE-2023-3943 Multiple buffer overflow in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0CWE-121 10.0 Critical2024-05-21
CVE-2023-3942 Multiple SQLi in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0, Standalone service v. 2.1.6-20200907CWE-89 7.5 High2024-05-21
CVE-2023-3941 Multiple arbitrary file writes in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0CWE-23 10.0 Critical2024-05-21
CVE-2023-3940 Multiple arbitrary file reads in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0CWE-23 7.5 High2024-05-21
CVE-2023-3939 Multiple command injection in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0CWE-78 10.0 Critical2024-05-21
CVE-2023-3938 Bypassing ZkTeco-based OEM devices/ZKTeco biometric authentication system via SQLi in QR code — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0CWE-89 4.6 Medium2024-05-21
CVE-2024-2318 ZKTeco ZKBio Media Service Port 9999 download path traversal — ZKBio MediaCWE-24 4.3 Medium2024-03-08
CVE-2024-1706 ZKTeco ZKBio Access IVS Department Name Search Bar cross site scripting — ZKBio Access IVSCWE-79 3.5 Low2024-02-21

This page lists every published CVE security advisory associated with ZKTeco. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.