CVE-2024-35428

1976-01-0100:00:00

mitre

github.com

AI Score

6.5

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.

References

github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35428.md