CVE-2023-3940

CVSS V2 None CVSS V3 None

Description

Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.

Overview

CVE ID
CVE-2023-3940

Assigner
Kaspersky

Vulnerability Status
PUBLISHED

Published Version
2024-05-21T10:15:52.699Z

Last Modified Date
2024-06-04T17:17:36.995Z

Weakness Enumerations

CWE	URL
CWE-23	http://cwe.mitre.org/data/definitions/23.html

References

Reference URL	Reference Tags
https://github.com/klsecservices/Advisories/blob/master/K-ZkTeco-2023-003.md

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-3940
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3940

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 21:19:55				Added to TrackCVE