High severity7.5NVD Advisory· Published May 30, 2024· Updated Jun 17, 2026
CVE-2024-35431
CVE-2024-35431
Description
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- ZKTeco/ZKBio CVSecuritydescription
- Range: <=6.4.1
- Range: <=6.4.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.