CVE-2023-3939

CVSS V2 None CVSS V3 None
Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum possible. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly other.
Overview
  • CVE ID
  • CVE-2023-3939
  • Assigner
  • Kaspersky
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-21T09:45:00.639Z
  • Last Modified Date
  • 2024-06-04T17:17:32.124Z
History
Created Old Value New Value Data Type Notes
2024-06-24 20:45:49 Added to TrackCVE