A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.
CPE | Name | Operator | Version |
---|---|---|---|
facedepot_7b_firmware | eq | 1.0.213 | |
zkbiosecurity_server | eq | 1.0.0-20190723 |