CVE-2016-20030
User Enumeration Vulnerability in ZKTeco ZKBioSecurity 3.0 Authentication
Publication date: 2026-03-16
Last updated on: 2026-03-16
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zkteco | zkbiosecurity | up to and including 3.0.1.0_R_230 |
| zkteco | zkbiosecurity | 3.0.1.0_r_230 |
| zkteco | personnel | 1.0.1.0_r_1916 |
| zkteco | access | 6.0.1.0_r_1757 |
| zkteco | elevator | 2.0.1.0_r_777 |
| zkteco | visitor | 2.0.1.0_r_877 |
| zkteco | video | 2.0.1.0_r_489 |
| zkteco | adms | 1.0.1.0_r_197 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-551 | If a web server does not fully parse requested URLs before it examines them for authorization, it may be possible for an attacker to bypass authorization protection. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2016-20030 is a user enumeration vulnerability in ZKTeco's ZKBioSecurity 3.0 platform. It allows unauthenticated attackers to discover valid usernames by submitting partial characters through the username parameter to the authLoginAction!login.do script. By analyzing the application's responses to these requests, attackers can determine which usernames exist in the system. [1, 2]
How can this vulnerability impact me?
This vulnerability can impact you by exposing valid usernames to unauthenticated attackers, which can be used as a stepping stone for further attacks such as password guessing or phishing. It has a high severity rating with CVSS scores up to 9.8, indicating significant potential impact on confidentiality, integrity, and availability of the system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending requests to the authLoginAction!login.do script with varying partial username inputs via the username parameter and analyzing the application responses to identify valid usernames.
A proof-of-concept script named zkbiosec_userenum.py was developed to demonstrate this user enumeration issue.
To manually test, you can use commands like curl to send HTTP POST requests with different partial usernames and observe the responses for differences indicating valid usernames.
- Example curl command: curl -X POST -d "username=partial_input&password=dummy" http://target/authLoginAction!login.do -v
- Repeat the command with different partial_input values and analyze response differences to enumerate valid usernames.
[1, 2]
What immediate steps should I take to mitigate this vulnerability?
I don't know