8 matches found
EUVD-2020-9426
Malware in sbrugna...
ZKTeco FaceDepot and ZKBiosecurity Server Persistent Token Vulnerability
ZKTeco FaceDepot is a face attendance system. A persistent token vulnerability exists in ZKTeco FaceDepot version 7B 1.0.213 and ZKBiosecurity Server version 1.0.020190723, which stems from a lack of two-way authentication in the program, and can be exploited by an attacker to obtain a long-lived...
CVE-2020-17473
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to obtain a long-lasting token by impersonating the server...
CVE-2020-17473
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to obtain a long-lasting token by impersonating the server...
CVE-2020-17474
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database...
Code injection
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database...
Authentication flaw
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to obtain a long-lasting token by impersonating the server...
CVE-2020-17474
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database...