Security Advisory

CVE-2016-20024

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-15 13:35:11

Last updated 2026-03-16 14:20:21

Assigner VulnCheck

State PUBLISHED

Description

ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.

← Browse all CVEs View on cve.org ↗