mrojz

6 exploits Active since May 2024
CVE-2024-35428 HIGH WRITEUP
ZKTeco ZKBio CVSecurity 6.1.1 - Authenticated Path Traversal and Denial of Service via BaseMediaFile
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.
CVSS 7.1
CVE-2024-35429 MEDIUM WRITEUP
ZKTeco ZKBio CVSecurity 6.1.1 - Path Traversal via eventRecord
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord.
CVSS 6.5
CVE-2024-35430 HIGH WRITEUP
ZKTeco ZKBio CVSecurity <= 6.1.1_R - Authenticated Privilege Escalation via Password Bypass
In ZKTeco ZKBio CVSecurity v6.1.1_R and earlier (fixed in 6.1.3_R) an authenticated user can bypass password checks while exporting data from the application.
CVSS 8.1
CVE-2024-35431 HIGH WRITEUP
ZKTeco ZKBio CVSecurity 6.1.1-6.4.1 - Unauthenticated Path Traversal via photoBase64
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Third parties have indicated other versions are also vulnerable including up to 6.4.1.
CVSS 7.5
CVE-2024-35432 MEDIUM WRITEUP
ZKTeco ZKBio CVSecurity 6.1.1 - Authenticated Cross-Site Scripting via Audio File
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Cross-Site Scripting (XSS) via an audio file. An authenticated user can inject malicious JavaScript code to trigger Cross-Site Scripting.
CVSS 6.1
CVE-2024-35433 HIGH WRITEUP
ZKTeco ZKBio CVSecurity 6.1.1 - Authenticated Incorrect Access Control
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Incorrect Access Control. An authenticated user, without the permissions of managing users, can create a new admin user.
CVSS 8.1