2 results (0.014 seconds)

CVSS: 6.5EPSS: %CPEs: 1EXPL: 1

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord. ZKTeco ZKBio CVSecurity 6.1.1 es vulnerable a Directory Traversal a través de eventRecord. • https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35429.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-31: Path Traversal: 'dir\..\..\filename' •

CVSS: 7.1EPSS: %CPEs: 1EXPL: 1

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS. ZKTeco ZKBio CVSecurity 6.1.1 es vulnerable a Directory Traversal a través de BaseMediaFile. Un usuario autenticado puede eliminar archivos locales del servidor, lo que puede provocar DoS. • https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-35428.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •