CRITICAL🇵🇱 Wersja polska

CVE-2023-3941

CVSS 10.0v3.1pub. 2024-05-21upd. 2026-04-15

Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to write any file on the system with root privileges. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.

🤖 AI Analysis
How it works

The vulnerability stems from improper validation of relative paths (Relative Path Traversal, CWE-23) in device software. An attacker can submit a crafted network request containing path-changing sequences (e.g., '../'), which allows escaping the permitted directory and writing arbitrary content anywhere on the file system. The operation is performed with the highest system privileges (root), eliminating any access restrictions.

Impact

An attacker can overwrite or create any file on the system with root privileges, which in practice enables full control over the device — including installation of backdoors, configuration modification, disruption of access control system operation, or permanent compromise of the device.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references. It is also recommended to restrict network access to affected devices through network segmentation and firewall rules, so that access to the device interface is possible only from trusted network segments.

Who is affected

OEM devices based on ZkTeco platform, including ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME, and likely other OEM models, running ZkTeco ZAM170-NF-1.8.25-7354-Ver1.0.0 firmware and possibly other firmware versions.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References