CVE-2023-38950CISA KEVEPSS p99.7%

CVE-2023-38950ZKTeco BioTime Path Traversal Vulnerability

ZKTeco / BioTime

Description

ZKTeco BioTime contains a path traversal vulnerability in the iclock API that allows an unauthenticated attacker to read arbitrary files via supplying a crafted payload.

Scoring

EPSS84.88% probability of exploitation · percentile 99.7% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2025-05-19

(incoming)1

TypeTargetConfidenceTier
KEVEntryZKTeco BioTime Path Traversal Vulnerabilitykev-cve-2023-389500%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2016-20029
CVE
CVE-2016-20024
CVE
Zyxel Multiple Firewalls Path Traversal Vulnerability
CVE
CVE-2025-64075
CVE
CVE-2026-35718
CVE
CVE-2016-20027
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.