cbcvebase.
CVE-2023-3941
published 2024-05-21

CVE-2023-3941: Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects…

PriorityP263critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
EPSS
0.92%
55.7th percentile
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.

Affected

1 ranges
VendorProductVersion rangeFixed in
zktecozkteco-based_oem_devices_with_firmware_zam170-nf-1.8.25-7354-ver1.0.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.