
CVE-2016-20030

EUVD-2016-10815 | CRITICAL
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization (CWE-551)
2026-03-15 VulnCheck
CVSS 4.0 score: 9.3

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline (5 events)

- Apr 15, 2026 15:22 (NVD): CVSS changed, 9.8 (CRITICAL) -> 9.3 (CRITICAL)
- Mar 16, 2026 14:53 (vuln.today): PoC detected, public exploit code
- Mar 15, 2026 14:00 (euvd): EUVD ID assigned, EUVD-2016-10815
- Mar 15, 2026 14:00 (vuln.today): Analysis generated
- Mar 15, 2026 13:35 (nvd): CVE published, CRITICAL 9.8

Description (NVD)

ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to enumerate valid user accounts based on application responses.

Analysis (AI)

User enumeration vulnerability in ZKTeco ZKBioSecurity 3.0 that allows unauthenticated attackers to discover valid usernames through partial character submissions to the authentication endpoint. A public proof-of-concept exploit is available, making this vulnerability actively exploitable, though it has a notably high CVSS score of 9.8 that appears inflated given the actual impact is limited to information disclosure.

Technical Context (AI)

The vulnerability affects ZKTeco ZKBioSecurity version 3.0 (CPE: cpe:2.3:a:zkteco_inc.:zkteco_zkbiosecurity:*:*:*:*:*:*:*:*), a biometric security management system. The root cause is CWE-551 (Incorrect Behavior Order: Authorization Before Parsing and Canonicalization), where the authLoginAction!login.do script responds differently to partial username inputs, allowing attackers to enumerate valid accounts. This is a classic timing/response-based enumeration flaw in the authentication mechanism.

Remediation (AI)

No specific patch information is available in the provided references. Organizations should:

1) Contact ZKTeco for an updated version that addresses this vulnerability.
2) Implement rate limiting on the authentication endpoint.
3) Ensure consistent error messages regardless of username validity.
4) Monitor authentication logs for enumeration attempts.

The vendor advisory link (https://www.vulncheck.com/advisories/zkteco-zkbiosecurity-user-enumeration-via-authloginaction) should be consulted for official guidance.
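The three non-vendor mitigations above (uniform failure responses, rate limiting on the login endpoint, and log review for enumeration patterns) shown together in one added Python example. This is illustrative code written for this page, not ZKTeco product code and not taken from the advisory; the user store, the static salt, the iteration count, the log line format and the thresholds are all constructed assumptions. The login handler does the same hashing work and returns the same response whether the username exists, is a prefix of a real name, or is unknown, so neither the body nor the timing distinguishes valid accounts.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict, deque

# Constructed user store: username -> PBKDF2-SHA256 hash. A static salt and a low
# iteration count are used only to keep the example fast; real deployments use a
# random per-user salt and a far higher work factor.
SALT = b"constructed-example-salt"
ITERATIONS = 10_000


def _hash(password: str, salt: bytes = SALT) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


USERS = {"alice": _hash("correct horse battery staple")}

# A throwaway hash compared against whenever the username is unknown, so the
# unknown-user path costs the same as the known-user path.
DUMMY_HASH = _hash(secrets.token_hex(16))

# One response for every failure: no "user not found" versus "bad password".
GENERIC_FAILURE = {"status": 401, "body": "Invalid username or password"}


def login(username: str, password: str) -> dict:
    """Authenticate without revealing whether `username` exists."""
    stored = USERS.get(username, DUMMY_HASH)
    candidate = _hash(password)
    digest_ok = hmac.compare_digest(stored, candidate)  # constant-time compare
    if digest_ok and username in USERS:
        return {"status": 200, "body": "OK"}
    return dict(GENERIC_FAILURE)


class RateLimiter:
    """Sliding-window limiter keyed by client address (or by username)."""

    def __init__(self, max_attempts: int, window_seconds: float):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self.events = defaultdict(deque)  # key -> timestamps of recent attempts

    def allow(self, key: str, now: float) -> bool:
        q = self.events[key]
        while q and now - q[0] > self.window:
            q.popleft()  # drop attempts that fell out of the window
        if len(q) >= self.max_attempts:
            return False
        q.append(now)
        return True


# Constructed log lines: "<unix_ts> <source_ip> <username> <result>".
# 10.0.0.5 walks through prefixes of one name; 10.0.0.9 is a user who retried once.
SAMPLE_LOG = [
    "1000 10.0.0.5 a FAIL",
    "1001 10.0.0.5 ad FAIL",
    "1002 10.0.0.5 adm FAIL",
    "1003 10.0.0.5 admi FAIL",
    "1004 10.0.0.5 admin FAIL",
    "1000 10.0.0.9 alice FAIL",
    "1030 10.0.0.9 alice OK",
]


def detect_enumeration(log_lines, distinct_threshold: int = 5, window_seconds: float = 60.0) -> set:
    """Return source IPs that tried >= distinct_threshold distinct usernames within window_seconds."""
    attempts = defaultdict(list)  # ip -> [(ts, username)]
    for line in log_lines:
        ts, ip, user, _result = line.split()
        attempts[ip].append((float(ts), user))
    flagged = set()
    for ip, events in attempts.items():
        events.sort()
        for i, (t0, _) in enumerate(events):
            names = {u for t, u in events[i:] if t - t0 <= window_seconds}
            if len(names) >= distinct_threshold:
                flagged.add(ip)
                break
    return flagged


if __name__ == "__main__":
    print(login("alice", "correct horse battery staple"))
    print(login("al", "anything"), login("alice", "wrong"))
    print("flagged:", detect_enumeration(SAMPLE_LOG))
```

The detection function keys on distinct usernames per source rather than on failure count alone, which is what separates prefix-walking enumeration from an ordinary user mistyping a password; the limiter can be applied with the same key before `login` is called.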


CVE-2016-20030 vulnerability details – vuln.today
