2 matches found
CVE-2023-38956
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...
PT-2023-4125 · Zkteco · Zkteco Bioaccess Ivs
Name of the Vulnerable Software and Affected Versions: ZKTeco BioAccess IVS version 3.3.1 Description: The issue is related to a lack of protection for the SQL query structure, which can be exploited to execute arbitrary SQL code. This can be done remotely. Recommendations: For ZKTeco BioAccess I...