cbcvebase.
CVE-2023-3940
published 2024-05-21

CVE-2023-3940: Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM…

PriorityP350high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.78%
51.1th percentile
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.

Affected

1 ranges
VendorProductVersion rangeFixed in
zktecozkteco-based_oem_devices_with_firmware_zam170-nf-1.8.25-7354-ver1.0.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.