CVE-2016-20025
CVE-2016-20025 affects ZKTeco ZKAccess Professional 3.5.3. The issue is an insecure file-permissions vulnerability where the Modify permission granted to the Authenticated Users group lets authenticated users replace executable binaries, enabling privilege escalation. Documented impact includes p...