Name: Biotime
Author: Zkteco

🔍 What is Biotime?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2023-38951

CRITICAL CVSS 9.8 Aug 3, 2023

This vulnerability in ZKTeco BioTime allows authenticated attackers to perform path traversal attacks via crafted requests to /base/sftpsetting/ endpoints. By exploiting insufficient input sanitizatio...

CVE-2023-51142

HIGH CVSS 7.5 Apr 11, 2024

This vulnerability in ZKTeco BioTime allows remote attackers to access sensitive information without authentication. It affects BioTime versions 8.5.4 and earlier, potentially exposing employee data, ...

CVE-2023-38950

HIGH CVSS 7.5 Aug 3, 2023

An unauthenticated path traversal vulnerability in ZKTeco BioTime's iclock API allows attackers to read arbitrary files on the system by sending specially crafted requests. This affects ZKBioTime vers...