CVE-2016-20024 - ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation
CVE ID :CVE-2016-20024
Published : March 15, 2026, 1:35 p.m. | 4 hours, 55 minutes ago
Description :ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : March 15, 2026, 1:35 p.m. | 4 hours, 55 minutes ago
Description :ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privilege escalation.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...