[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":40,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":47,"vulnerability-27171":53,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":83},[4,15,24,29,35],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":19,"external":9,"targets":20,"cta":22,"variant":23,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - Network Scanner","nginx-rift-network-scanner","🚨 Detection for NGINX Rift (CVE-2026-42945) now live. Are you exposed?","https://pentest-tools.com/pricing",[21],"/network-vulnerability-scanning/network-security-scanner-online","Find out with any plan","primary",{"title":25,"slug":26,"text":18,"link":19,"external":9,"targets":27,"cta":22,"variant":23,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - Port Scanner","nginx-rift-port-scanner",[28],"/network-vulnerability-scanning/port-scanner-online-nmap",{"title":30,"slug":31,"text":32,"link":8,"external":9,"targets":33,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - VulnDB Index","nginx-rift-vulndb","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[34],"/vulnerabilities-exploits",{"title":36,"slug":37,"text":32,"link":8,"external":9,"targets":38,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog",[39],"/blog",["Island",41],{"key":42,"params":43,"result":45},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":44},"{}",{"head":46},{},["Island",48],{"key":49,"params":50,"result":51},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":44},{"head":52},{},{"id":54,"detectable_with":55,"vuln_details":62,"vuln_id":80,"name":81,"published":82,"updated":63},27171,{"tool":56,"engine":59},{"id":57,"name":58},1,"Network Scanner",{"id":60,"name":61},2,"Nuclei",{"id":54,"codename":63,"description":63,"severity":64,"risk_description":65,"public_description":66,"public_recommendation":67,"recommendation":63,"references":68,"cvssv3":74,"epss_score":75,"epss_percentile":76,"cve":77,"in_cisa_catalog":9,"date":79,"software_type":63,"vendor":63,"product":63,"ptt_exploit_capabilities":63},null,"high","Unauthenticated attackers can read arbitrary files from the server through path traversal in the iclock API url parameter, potentially exposing employee biometric data, attendance records, and system credentials.","A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.","Update ZKTeco BioTime to a version newer than 8.5.5 that validates file paths in the iclock API and restricts access to authorized files only.",[69,70,71,72,73],"https://github.com/advisories/GHSA-4m8x-4g54-h49v","http://zkteco.com","https://claroty.com/team82/disclosure-dashboard/cve-2023-38950","https://www.fortinet.com/content/dam/fortinet/assets/reports/report-incident-response-middle-east.pdf","https://nvd.nist.gov/vuln/detail/CVE-2023-38950",7.5,0.834,0.99291,[78],"CVE-2023-38950","2023-08-03T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2023-38950","ZKTeco BioTime v8.5.5 - Path Traversal","2025-05-31T00:00:00Z",["Island",84],{"key":85,"params":86,"result":88},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":87},"{\"text-color\":\"gray\"}",{"head":89},{}]