Zkteco Zkbiosecurity V5000
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Zkteco Zkbiosecurity V5000.
By the Year
In 2026 there have been 0 vulnerabilities in Zkteco Zkbiosecurity V5000. Zkbiosecurity V5000 did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 3 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 8.80 |
It may take a day or so for new Zkbiosecurity V5000 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Zkteco Zkbiosecurity V5000 Security Vulnerabilities
XSS in ZKBio CVSecurity V5000 (v4.1.0) Push Config Section
CVE-2024-6344
- June 26, 2024
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. The vendor explains, that "[s]ince ZKBio CVSecurity v5000 has been withdrawn from the market, we recommend upgrading to ZKBio CVSecurity V6600 6.1.3_R or above". This vulnerability only affects products that are no longer supported by the maintainer.
XSS
XSS in ZKBio CVSecurity V5000 4.1.0 Summer Schedule Handler
CVE-2024-6006
- June 15, 2024
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor explains, "that ZKBio Security V5000 has been withdrawn from the market and [is] recommended for upgrading to the ZKBio CVSecurity latest version." This vulnerability only affects products that are no longer supported by the maintainer.
XSS
XSS in Department Section of ZKTeco ZKBio CVSecurity V5000 4.1.0
CVE-2024-6005
- June 15, 2024
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Department Section. The manipulation of the argument Department Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor explains, "that ZKBio Security V5000 has been withdrawn from the market and [is] recommended for upgrading to the ZKBio CVSecurity latest version." This vulnerability only affects products that are no longer supported by the maintainer.
XSS
ZKBioSecurity V5000 4.1.3 SQL Injection via /baseOpLog.do
CVE-2022-36635
8.8 - High
- October 07, 2022
ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do.
SQL Injection
Arbitrary Admin Creation via HTTP in ZKTeco ZKBioSecurity V5000 3.0.5_r
CVE-2022-36634
8.8 - High
- October 07, 2022
An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Zkteco Zkbiosecurity V5000 or by Zkteco? Click the Watch button to subscribe.
