Metrics
Affected Vendors & Products
Sat, 23 Nov 2024 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:zkteco:zkbio_time:9.0.1:*:*:*:*:*:*:* |
Tue, 12 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zkteco
Zkteco zkbio Time |
|
CPEs | cpe:2.3:a:zkteco:zkbio_time:*:*:*:*:*:*:*:* | |
Vendors & Products |
Zkteco
Zkteco zkbio Time |
|
Metrics |
ssvc
|
Sun, 10 Nov 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | ZKTeco ZKBio Time Image File photo direct request | |
Weaknesses | CWE-425 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-11-10T05:31:04.017Z
Updated: 2024-11-14T15:32:34.411Z
Reserved: 2024-11-09T10:19:32.534Z
Link: CVE-2024-11049
Updated: 2024-11-12T15:41:01.329Z
Status : Analyzed
Published: 2024-11-10T06:15:03.390
Modified: 2024-11-23T01:41:19.207
Link: CVE-2024-11049
No data.