CVE-2024-35429

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord...

PT-2024-26498 · Zkteco · Zkbio Cvsecurity

Name of the Vulnerable Software and Affected Versions: ZKTeco ZKBio CVSecurity version 6.1.1 Description: The issue concerns a Directory Traversal vulnerability via the eventRecord. Recommendations: For ZKTeco ZKBio CVSecurity version 6.1.1, consider restricting access to the eventRecord to...