Vulnerabilities (CVE)

Filtered by vendor Zkteco Subscribe
Filtered by product Zem800 Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4587 1 Zkteco 2 Zem800, Zem800 Firmware 2024-11-21 N/A 8.3 HIGH
An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server.
CVE-2022-42953 1 Zkteco 20 Zem500, Zem500 Firmware, Zem510 and 17 more 2024-11-21 N/A 7.5 HIGH
Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).