Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive information including configuration files, source code, and protected application resources.
AnalysisAI
ZKTeco ZKBioSecurity 3.0 contains a local file path manipulation vulnerability (CWE-276) that allows unauthenticated attackers to bypass access controls and read arbitrary files including configuration files, source code, and application resources. A publicly available proof-of-concept exists, and the vulnerability has moderate real-world risk due to its local attack vector requirement but high confidentiality impact on sensitive biometric system data.
Technical ContextAI
The vulnerability exploits improper file access control in ZKBioSecurity 3.0 (CPE: cpe:2.3:a:zkteco_inc.:zkteco_zkbiosecurity:*:*:*:*:*:*:*:*), a biometric security management system. The root cause falls under CWE-276 (Incorrect Default File Permissions), indicating the application fails to properly restrict file path operations when retrieving local resources. Attackers manipulate path parameters (likely directory traversal or symbolic link attacks) to access files outside intended directories. The vulnerability specifically targets the file retrieval mechanism that loads local application resources, suggesting improper input validation on file path parameters without adequate canonicalization or sandboxing.
RemediationAI
Specific patch versions are not explicitly provided in available references. Recommended actions: (1) Contact ZKTeco directly for security patches or workarounds for ZKBioSecurity 3.0; (2) Implement operating system-level file access controls restricting application process permissions to only required directories; (3) Disable or restrict local access to affected ZKBioSecurity systems to only trusted administrators; (4) Monitor file access patterns for suspicious path traversal attempts; (5) Upgrade to a patched version if available from ZKTeco; (6) Review https://www.vulncheck.com/advisories/zkteco-zkbiosecurity-file-path-manipulation-vulnerability and vendor security bulletins for patch availability and official remediation guidance.
More in Zkteco Zkbiosecurity
View allUser enumeration vulnerability in ZKTeco ZKBioSecurity 3.0 that allows unauthenticated attackers to discover valid usern
ZKTeco ZKBioSecurity 3.0 contains a local authentication bypass vulnerability in visLogin.jsp that allows low-privileged
ZKTeco ZKBioSecurity 3.0 contains a cross-site request forgery (CSRF) vulnerability that allows authenticated attackers
Reflected cross-site scripting (XSS) vulnerability in ZKTeco ZKBioSecurity 3.0 that allows unauthenticated attackers to
Same weakness CWE-276 – Incorrect Default Permissions
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2016-10813