CVE-2023-38950: ZKTeco BioTime Path Traversal Vulnerability. ZKTeco BioTime

ZKTeco BioTime Path Traversal Vulnerability. ZKTeco BioTime contains a path traversal vulnerability in the iclock API that allows an unauthenticated attacker to read arbitrary files via supplying a crafted payload.

• CISA KEV-listed (remediation due 2025-06-09)
• EPSS 82.2% (99.2% percentile)

Browse the CVE database

Read the full analysis on IntelFusions