Lucene search

K

[email protected]CVE-2024-35431

HistoryMay 30, 2024 - 5:15 p.m.

CVE-2024-35431

2024-05-3017:15:34

[email protected]

web.nvd.nist.gov

24

zkteco

zkbio

cvsecurity

directory traversal

vulnerability

photobase64

unauthenticated user

local files

server

nvd

6.7 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server.

References

github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35431.md

6.7 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

Related for CVE-2024-35431