Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zem800_firmware
(Zkteco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-09-04 | CVE-2023-4587 | An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server. | Zem800_firmware | 5.5 | ||
| 2022-12-25 | CVE-2022-42953 | Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210). | Zem500_firmware, Zem510_firmware, Zem560_firmware, Zem600_firmware, Zem720_firmware, Zem760_firmware, Zem800_firmware, Zmm200_firmware, Zmm210_firmware, Zmm220_firmware | 7.5 |