CVE-2016-20030
Deferred Deferred - Pending Action
User Enumeration Vulnerability in ZKTeco ZKBioSecurity 3.0 Authentication

Publication date: 2026-03-16

Last updated on: 2026-06-08

Assigner: VulnCheck

Description
ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to enumerate valid user accounts based on application responses.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-06-08
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2016-20030
EUVD
EUVD-2016-10815
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
zkteco zkbiosecurity to 3.0.1.0_R_230 (inc)
zkteco zkbiosecurity 3.0.1.0_r_230
zkteco personnel 1.0.1.0_r_1916
zkteco access 6.0.1.0_r_1757
zkteco elevator 2.0.1.0_r_777
zkteco visitor 2.0.1.0_r_877
zkteco video 2.0.1.0_r_489
zkteco adms 1.0.1.0_r_197
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-551 If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2016-20030 is a user enumeration vulnerability in ZKTeco's ZKBioSecurity 3.0 platform. It allows unauthenticated attackers to discover valid usernames by submitting partial characters through the username parameter to the authLoginAction!login.do script. By analyzing the application's responses to these requests, attackers can determine which usernames exist in the system."}] [1, 2]

Impact Analysis

This vulnerability can impact you by exposing valid usernames to unauthenticated attackers, which can be used as a stepping stone for further attacks such as password guessing or phishing. It has a high severity rating with CVSS scores up to 9.8, indicating significant potential impact on confidentiality, integrity, and availability of the system.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending requests to the authLoginAction!login.do script with varying partial username inputs via the username parameter and analyzing the application responses to identify valid usernames.'}, {'type': 'paragraph', 'content': 'A proof-of-concept script named zkbiosec_userenum.py was developed to demonstrate this user enumeration issue.'}, {'type': 'paragraph', 'content': 'To manually test, you can use commands like curl to send HTTP POST requests with different partial usernames and observe the responses for differences indicating valid usernames.'}, {'type': 'list_item', 'content': 'Example curl command: curl -X POST -d "username=partial_input&password=dummy" http://target/authLoginAction!login.do -v'}, {'type': 'list_item', 'content': 'Repeat the command with different partial_input values and analyze response differences to enumerate valid usernames.'}] [1, 2]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2016-20030. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart