VYPR

ZKT-Bio-CVSecurity

by Mrojz

CVEs (1)

  • CVE-2024-35431HigMay 30, 2024
    risk 0.49cvss 7.5epss 0.01

    ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.