Metrics
Affected Vendors & Products
Tue, 12 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zkteco
Zkteco zkbio Time |
|
CPEs | cpe:2.3:a:zkteco:zkbio_time:*:*:*:*:*:*:*:* | |
Vendors & Products |
Zkteco
Zkteco zkbio Time |
|
Metrics |
ssvc
|
Sun, 10 Nov 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | ZKTeco ZKBio Time Image File photo direct request | |
Weaknesses | CWE-425 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-11-10T05:31:04.017Z
Updated: 2024-11-12T15:41:07.341Z
Reserved: 2024-11-09T10:19:32.534Z
Link: CVE-2024-11049
Updated: 2024-11-12T15:41:01.329Z
Status : Awaiting Analysis
Published: 2024-11-10T06:15:03.390
Modified: 2024-11-12T13:56:24.513
Link: CVE-2024-11049
No data.