Bioaccess Ivs

bioaccess_ivs

Vendor: Zkteco • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-38958 1Zkteco 1Bioaccess Ivs Nov 21, 2024 Aug 3, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request.
CVE-2023-38956 1Zkteco 1Bioaccess Ivs Nov 21, 2024 Aug 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.
CVE-2023-38955 1Zkteco 1Bioaccess Ivs Nov 21, 2024 Aug 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names.
CVE-2023-38954 1Zkteco 1Bioaccess Ivs Nov 21, 2024 Aug 3, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.