VYPR

ZKBiosecurity Server

by Zkteco

CVEs (2)

  • CVE-2020-17474Aug 14, 2020
    risk 0.00cvss epss 0.01

    A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.

  • CVE-2020-17473Aug 14, 2020
    risk 0.00cvss epss 0.01

    Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.