4 matches found
CVE-2022-42953
Certain ZKTeco products ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210. The...
PT-2022-26677 · Zkteco · Zem560 +9
Name of the Vulnerable Software and Affected Versions: ZKTeco ZEM500-510-560-760 versions prior to 8.88 ZKTeco ZEM600-800 versions prior to 8.88 ZKTeco ZEM720 versions prior to 8.88 ZKTeco ZMM200-220-210 versions prior to 15.00 Description: Certain ZKTeco products allow access to sensitive...
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication Vulnerability
ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, and ZMM suffer from a missing authentication vulnerability. Versions below 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210 are potentially affected. The ZKTeco time attendance device does not require authentication to use the web...
ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication
Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the database of employees and their credentials. Details ======= Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM Affect...