Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ZKTeco Inc. — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting ZKTeco Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ZKTeco Inc. specializes in biometric identification and access control systems, including time attendance and security solutions. Historically, their products have been vulnerable to multiple security issues, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The company has accumulated 9 CVEs on record, with several critical flaws allowing unauthorized access or system compromise. Notable characteristics include hardcoded credentials in firmware, insufficient input validation, and insecure default configurations. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities across their product line suggests significant security challenges that require immediate attention from both the vendor and users implementing their solutions.

Top products by ZKTeco Inc.: ZKTeco ZKBioSecurity ZKTeco ZKAccess Professional ZKTeco ZKAccess Security System ZKTeco ZKTime.Net
CVE IDTitleCVSSSeverityPublished
CVE-2016-20032 ZKTeco ZKAccess Security System 5.3.1 Stored XSS — ZKTeco ZKAccess Security SystemCWE-79 7.2 High2026-03-15
CVE-2016-20031 ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass via visLogin.jsp — ZKTeco ZKBioSecurityCWE-798 5.5 Medium2026-03-15
CVE-2016-20030 ZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginAction — ZKTeco ZKBioSecurityCWE-551 9.8 Critical2026-03-15
CVE-2016-20029 ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulnerability — ZKTeco ZKBioSecurityCWE-276 6.2 Medium2026-03-15
CVE-2016-20028 ZKTeco ZKBioSecurity 3.0 Cross-Site Request Forgery Superadmin — ZKTeco ZKBioSecurityCWE-352 4.3 Medium2026-03-15
CVE-2016-20027 ZKTeco ZKBioSecurity 3.0 Multiple Reflected XSS Vulnerabilities — ZKTeco ZKBioSecurityCWE-79 6.1 Medium2026-03-15
CVE-2016-20026 ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote Code Execution — ZKTeco ZKBioSecurityCWE-798 9.8 Critical2026-03-15
CVE-2016-20025 ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions — ZKTeco ZKAccess ProfessionalCWE-552 8.8 High2026-03-15
CVE-2016-20024 ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation — ZKTeco ZKTime.NetCWE-538 9.8 Critical2026-03-15

This page lists every published CVE security advisory associated with ZKTeco Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.