Vulnerabilities > Zkteco > Zem800 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-09-04 CVE-2023-4587 Authorization Bypass Through User-Controlled Key vulnerability in Zkteco Zem800 Firmware 6.60
An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60.
local
low complexity
zkteco CWE-639
5.5
5.5
2022-12-25 CVE-2022-42953 Forced Browsing vulnerability in Zkteco products
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs.
network
low complexity
zkteco CWE-425
7.5
7.5