
ZKTeco ZKBio Time: CVE-2023-38951: Improper Limitation of a Pathname to a Restricted Directory

Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: Aug 3, 2023
Added: Aug 8, 2025
Modified: Aug 8, 2025

Description

ZKTeco BioTime allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input sanitization on the SSH Key field. Overwriting specific files may lead to arbitrary code execution as NT AUTHORITY\SYSTEM.
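The description above names two input-handling defects: a username that reaches a filesystem path without a traversal check, and an SSH key field whose contents are written to disk unsanitized. The Python below is an added example, not ZKTeco's code, showing the server-side checks a defender would expect on such a form: an allow-list for the username, a canonicalize-and-contain check on the resulting path, and a single-line public-key parser that rejects embedded newlines and blobs whose algorithm name disagrees with the declared type. The storage directory /srv/sftp-settings, the function names and the per-user authorized_keys layout are assumptions.

```python
"""Server-side validation for an SFTP-settings form that stores a username and
an SSH public key on disk. Added example, not ZKTeco code; the storage path,
field handling and function names are assumptions."""
import base64
import re
from pathlib import Path

# Assumed storage root for per-user SFTP settings (hypothetical path).
SFTP_BASE = Path("/srv/sftp-settings")

# A username is a single path component: no separators, bounded length.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")
# One OpenSSH public-key line: type, base64 blob, optional comment; no CR/LF anywhere.
KEY_LINE_RE = re.compile(
    r"(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp256) ([A-Za-z0-9+/]+={0,2})(?: ([^\r\n]{0,128}))?"
)


def safe_key_path(username: str, base: Path = SFTP_BASE) -> Path:
    """Map a username to <base>/<username>/authorized_keys, refusing anything
    that is not a plain name or that resolves outside base."""
    if not USERNAME_RE.fullmatch(username) or username in (".", ".."):
        raise ValueError("username must be a single plain path component")
    root = base.resolve(strict=False)
    target = (root / username / "authorized_keys").resolve(strict=False)
    # Containment check is defence in depth: even if the allow-list above were
    # loosened later, a resolved path outside root is still rejected.
    if root not in target.parents:
        raise ValueError("resolved path escapes the settings directory")
    return target


def validate_public_key(key: str) -> str:
    """Accept exactly one well-formed public-key line and return it stripped.
    Rejects embedded newlines (which would smuggle extra lines into the file)
    and blobs whose inner algorithm name disagrees with the declared type."""
    line = key.strip()
    m = KEY_LINE_RE.fullmatch(line)
    if not m:
        raise ValueError("not a single OpenSSH public-key line")
    blob = base64.b64decode(m.group(2), validate=True)
    # An OpenSSH blob starts with a 4-byte length and the algorithm name.
    name_len = int.from_bytes(blob[:4], "big")
    if blob[4:4 + name_len] != m.group(1).encode("ascii"):
        raise ValueError("key blob does not match declared key type")
    return line


def validate_sftp_setting(username: str, key: str) -> dict:
    """Run both checks and report the outcome as a dict instead of raising,
    so a request handler can turn it into a 400 response."""
    try:
        path = safe_key_path(username)
        line = validate_public_key(key)
    except ValueError as exc:
        return {"ok": False, "error": str(exc)}
    return {"ok": True, "path": str(path), "key": line}


def ed25519_key_line(raw_pubkey: bytes, comment: str = "") -> str:
    """Build a syntactically valid ssh-ed25519 line from constructed key bytes
    (demonstration only; the bytes are not a real key pair)."""
    blob = (len(b"ssh-ed25519").to_bytes(4, "big") + b"ssh-ed25519"
            + len(raw_pubkey).to_bytes(4, "big") + raw_pubkey)
    line = "ssh-ed25519 " + base64.b64encode(blob).decode("ascii")
    return f"{line} {comment}" if comment else line


if __name__ == "__main__":
    good = ed25519_key_line(b"\x01" * 32, "alice@example")
    print(validate_sftp_setting("alice", good))
    print(validate_sftp_setting("../../tmp/outside", good))
    print(validate_sftp_setting("alice", good + "\n" + good))
```

The allow-list alone would already stop the traversal described on this page; the resolve-and-contain step matters because allow-lists get relaxed over time, and a second, independent check keeps the write inside the intended directory. Rejecting anything but a single key line is what closes the second defect, since the file format is line-oriented.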

Solution

zkteco-zkbio-time-upgrade-latest