Vulnerabilities > Zkteco > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-38951 Path Traversal vulnerability in Zkteco Biotime 8.5.5
A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration.
network
low complexity
zkteco CWE-22
critical
9.8
2023-08-03 CVE-2023-38954 SQL Injection vulnerability in Zkteco Bioaccess IVS 3.3.1
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
network
low complexity
zkteco CWE-89
critical
9.8