Описание
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zkteco:zkbio_cvsecurity:6.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01673
Низкий
7.5 High
CVSS3
Дефекты
CWE-31
EPSS
Процентиль: 82%
0.01673
Низкий
7.5 High
CVSS3
Дефекты
CWE-31