Vulnerability CVE-2023-38952
Published: 2023-08-03   Modified: 2023-08-04

Description:
Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read sensitive backup files and access sensitive information such as user credentials via sending a crafted HTTP request to the static files resources of the system.

 References:
https://claroty.com/team82/disclosure-dashboard/cve-2023-38952
http://zkteco.com
Copyright 2026, cxsecurity.com

 

Back to Top